CVE-2018-13410 — Use After Free in Project ZIP
Severity
9.8 CRITICAL (NVD)
EPSS
7.9%
top 7.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jul 6
Latest update: May 14
Description
Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value, given that the entire purpose of -TT is execution of arbitrary commands.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9
Affected Packages: 20 packages
Vulnerability Details: 2
Vendor Advisories: 2
Microsoft
Info-ZIP Zip 3.0 when the -T and -TT command-line options are used allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because (2018-07-10)
Debian
CVE-2018-13410: zip - Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows atta... (2018)