Vulnerability CVE-2014-9913: Information
Description
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
Severity: MEDIUM (4.0) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
unzip | sisyphus | 6.0-alt4 | 6.0-alt5 | ALT-PU-2020-3276-1 | 261685 | Fixed |
unzip | p10 | 6.0-alt4 | 6.0-alt5 | ALT-PU-2020-3276-1 | 261685 | Fixed |
unzip | p9 | 6.0-alt4 | 6.0-alt4 | ALT-PU-2020-3294-1 | 261695 | Fixed |
unzip | c10f1 | 6.0-alt4 | 6.0-alt5 | ALT-PU-2020-3276-1 | 261685 | Fixed |
unzip | c9f2 | 6.0-alt4 | 6.0-alt5 | ALT-PU-2020-3281-1 | 261697 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1643750 |
|
[oss-security] 20161205 Re: CVE Request: Info-Zip zipinfo buffer overflow |
|
[oss-security] 20161205 CVE Request: Info-Zip zipinfo buffer overflow |
|
[oss-security] 20161205 CVE Request: Info-Zip zipinfo buffer overflow |
|
[oss-security] 20141103 unzip -l crasher |
|
95081 |
|