CVE-2005-0602
published 2005-05-02CVE-2005-0602: Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
medium6.2CVSS 3.1
AVLACHAuNCCICAC
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | unzip | < unzip 5.52-1 (bookworm) | unzip 5.52-1 (bookworm) |
| info-zip | unzip | <= 5.51 | — |
| info-zip | unzip | — | — |
| unzip_project | unzip | >= 0 < 5.52-1 | 5.52-1 |
| unzip_project | unzip | >= 0 < 5.52-1 | 5.52-1 |
| unzip_project | unzip | >= 0 < 5.52-1 | 5.52-1 |
| unzip_project | unzip | >= 0 < 5.52-1 | 5.52-1 |
CVSS provenance
nvd6.2MEDIUMAV:L/AC:H/Au:N/C:C/I:C/A:C
osv6.2MEDIUM