CVE-2005-4667
published 2005-12-31CVE-2005-4667: Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the…
low3.7CVSS 3.1
AVLACHAuNCPIPAP
EXPLOIT
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | unzip | < unzip 5.52-7 (bookworm) | unzip 5.52-7 (bookworm) |
| info-zip | unzip | — | — |
| info-zip | unzip | — | — |
| info-zip | unzip | — | — |
| info-zip | unzip | — | — |
| info-zip | unzip | — | — |
| info-zip | unzip | — | — |
| info-zip | unzip | — | — |
| info-zip | unzip | — | — |
| unzip_project | unzip | >= 0 < 5.52-7 | 5.52-7 |
| unzip_project | unzip | >= 0 < 5.52-7 | 5.52-7 |
| unzip_project | unzip | >= 0 < 5.52-7 | 5.52-7 |
| unzip_project | unzip | >= 0 < 5.52-7 | 5.52-7 |
CVSS provenance
nvd3.7LOWAV:L/AC:H/Au:N/C:P/I:P/A:P
osv3.7LOW