Buffer overflow in UnZip 5.50 and previous versions allows user-assisted malicious users to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
info-zip unzip 5.2 |
||
info-zip unzip 5.3 |
||
info-zip unzip 5.31 |
||
info-zip unzip 5.41 |
||
info-zip unzip 5.42 |
||
info-zip unzip 5.50 |
||
info-zip unzip 5.32 |
||
info-zip unzip 5.40 |