Info-Zip Unzip vulnerabilities

CVE-2014-8140 [HIGH] CWE-787 CVE-2014-8140: Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows re Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

CVE-2014-8139 [HIGH] CVE-2014-8139: Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6 Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

CVE-2014-8141 [HIGH] CWE-787 CVE-2014-8141: Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows rem Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

CVE-2018-1000033 [CRITICAL] CWE-125 CVE-2018-1000033: An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

CVE-2018-1000034 [CRITICAL] CWE-125 CVE-2018-1000034: An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

CVE-2018-1000031 [HIGH] CWE-787 CVE-2018-1000031: A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to per A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.

CVE-2018-1000032 [HIGH] CWE-787 CVE-2018-1000032: A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to per A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.

CVE-2015-1315 [HIGH] CWE-119 CVE-2015-1315: Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remo Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.

CVE-2008-0888 [CRITICAL] CWE-119 CVE-2008-0888: The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using inval The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.

CVE-2005-4667 [LOW] CWE-119 CVE-2005-4667: Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code v Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.

CVE-2005-2475 [LOW] CVE-2005-2475: Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.

CVE-2005-0602 [MEDIUM] CVE-2005-0602: Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.

CVE-2003-0282 [LOW] CVE-2003-0282: Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via in Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.

CVE-2001-1268 [LOW] CVE-2001-1268: Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite a Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.

CVE-2001-1269 [LOW] CVE-2001-1269: Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extract Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.