Severity
4.0 MEDIUM
EPSS
3.9%
top 11.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jan 18
Latest update: May 13

Description

Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 2.5 | Impact: 1.4

Affected Packages (2 packages)

Debian: unzip < 6.0-21+3

🔴 Vulnerability Details (3)

GHSA
GHSA-7vv9-r95r-f25f: Buffer overflow in the list_files function in list (2022-05-13)
OSV
CVE-2014-9913: Buffer overflow in the list_files function in list (2017-01-18)
CVEList
CVE-2014-9913: Buffer overflow in the list_files function in list (2017-01-18)

📋 Vendor Advisories (4)

Ubuntu
unzip vulnerabilities (2020-12-16)
Microsoft
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. (2017-01-10)
Red Hat
unzip: methbuf[] buffer overflow in unzip's list_files() (2014-11-03)
Debian
CVE-2014-9913: unzip - Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allow... (2014)

💬 Community (2)

Bugzilla
CVE-2014-9913 unzip: methbuf[] buffer overflow in unzip's list_files() (2016-12-06)
Bugzilla
CVE-2016-9844 unzip: methbuf[] buffer overflow in zipinfo's zi_short() (2016-12-06)