Vulnerabilities > CVE-2018-1000032 - Out-of-bounds Write vulnerability in Info-Zip Unzip 6.10C22

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

info-zip

CWE-787

NVD

Published: 2018-02-09

Updated: 2024-11-21

Summary

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.

Vulnerable Configurations

Part	Description	Count
Application	Info-Zip Info ZIP Unzip 6.10C22	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Packetstorm

data source	https://packetstormsecurity.com/files/download/146292/SA-20180207-0.txt
id	PACKETSTORM:146292
last seen	2018-02-08
published	2018-02-07
reporter	Rene Freingruber
source	https://packetstormsecurity.com/files/146292/InfoZip-UnZip-6.00-6.1c22-Buffer-Overflow.html
title	InfoZip UnZip 6.00 / 6.1c22 Buffer Overflow

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Packetstorm

References