CVE-2014-9636CVE-2014-9636

Affected configuration(s):

cpe:/a:info-zip:unzip:6.0
cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.10
cpe:/o:debian:debian_linux:7.0
cpe:/o:fedoraproject:fedora:20
cpe:/o:fedoraproject:fedora:21

Date published: 2015-02-06T10:59:06.757-05:00

Date last modified: 2017-06-30T21:29:09.497-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148792.html

Summary: unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.