Vulnerabilities > Info ZIP
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-27 | CVE-2013-5659 | Out-of-bounds Write vulnerability in Info-Zip WIZ 5.0.3 Wiz 5.0.3 has a user mode write access violation | 5.0 |
2018-02-09 | CVE-2018-1000034 | Out-of-bounds Read vulnerability in Info-Zip Unzip 6.10C22 An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. | 6.4 |
2018-02-09 | CVE-2018-1000033 | Out-of-bounds Read vulnerability in Info-Zip Unzip 6.10C22 An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. | 6.4 |
2018-02-09 | CVE-2018-1000032 | Out-of-bounds Write vulnerability in Info-Zip Unzip 6.10C22 A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution. | 6.8 |
2018-02-09 | CVE-2018-1000031 | Out-of-bounds Write vulnerability in Info-Zip Unzip 6.10C22 A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution. | 6.8 |
2015-02-23 | CVE-2015-1315 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8. | 7.5 |
2008-03-17 | CVE-2008-0888 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Info-Zip Unzip The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data. | 9.3 |
2005-12-31 | CVE-2005-4667 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Info-Zip Unzip Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. | 3.7 |
2005-08-05 | CVE-2005-2475 | Unspecified vulnerability in Info-Zip Unzip 5.52 Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete. | 1.2 |
2005-05-02 | CVE-2005-0602 | Privilege Escalation vulnerability in Info-Zip Unzip 5.50 Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges. | 6.2 |