CVE-2018-1000031 — Out-of-bounds Write in Unzip

CWE-787 — Out-of-bounds Write CWE-122 — Heap-based Buffer Overflow CWE-502 — Deserialization of Untrusted Data9 documents8 sources

Severity

7.8HIGHNVD

EPSS

0.5%

top 33.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Info-zip Unzip

Timeline

PublishedFeb 9

Latest updateMay 13

Description

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDinfo-zip/unzip6.10c22

🔴Vulnerability Details

GHSA

GHSA-3vgm-7gmr-wccx: A heap-based buffer overflow exists in Info-Zip UnZip version 6↗2022-05-13

▶

CVEList

CVE-2018-1000031: A heap-based buffer overflow exists in Info-Zip UnZip version 6↗2018-02-09

▶

📋Vendor Advisories

Cisco

Apache Struts Commons FileUpload Library Remote Code Execution Vulnerability Affecting Cisco Products: November 2018↗2018-11-07

▶

Red Hat

unzip: Heap-based out-of-bounds write in fileio.c:set_zipfn_sgmnt_name() possibly causing crash↗2018-02-07

▶

Debian

CVE-2018-1000031: unzip - A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allow...↗2018

▶

💬Community

Bugzilla

CVE-2018-1000031 CVE-2018-1000032 CVE-2018-1000033 CVE-2018-1000035 unzip: various flaws [fedora-all]↗2018-02-08

▶

Bugzilla

CVE-2018-1000031 unzip: Heap-based out-of-bounds write in fileio.c:set_zipfn_sgmnt_name() possibly causing crash↗2018-01-22

▶