Vulnerabilities > Unzip Project > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-31 CVE-2014-8141 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
7.8
2020-01-31 CVE-2014-8140 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
7.8
2020-01-31 CVE-2014-8139 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
7.8