CVE-2014-9636
published 2015-02-06CVE-2014-9636: unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller…
medium5CVSS 3.1
AVNACLAuNCNINAP
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | unzip | < unzip 6.0-15 (bookworm) | unzip 6.0-15 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | unzip-6.0-16.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | unzip-6.0-16.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| msrc | unzip-6.0-19.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm | — | — |
| msrc | unzip-6.0-19.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64 | — | — |
| msrc | unzip-6.0-20.azl3.aarch64.rpm_on_azure_linux_3.0_arm | — | — |
| msrc | unzip-6.0-20.azl3.x86_64.rpm_on_azure_linux_3.0_x64 | — | — |
| msrc | unzip-debuginfo-6.0-16.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm | — | — |
| msrc | unzip-debuginfo-6.0-16.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64 | — | — |
| msrc | unzip-debuginfo-6.0-19.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm | — | — |
| msrc | unzip-debuginfo-6.0-19.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64 | — | — |
| unzip_project | unzip | — | — |
| unzip_project | unzip | >= 0 < 6.0-15 | 6.0-15 |
| unzip_project | unzip | >= 0 < 6.0-15 | 6.0-15 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM