CVE-2015-1315
published 2015-02-23CVE-2015-1315: Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | unzip | — | — |
| info-zip | unzip | — | — |
| unzip_project | unzip | >= 0 < 6.0-9ubuntu1.3 | 6.0-9ubuntu1.3 |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH