Info-zip : Security Vulnerabilities, CVEs, CVSS score >= 9

CVE-2018-1000034

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
Max CVSS
9.1
EPSS Score
0.22%
Published
2018-02-09
Updated
2018-02-26

CVE-2018-1000033

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
Max CVSS
9.1
EPSS Score
0.15%
Published
2018-02-09
Updated
2018-02-26

CVE-2008-0888

The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
Max CVSS
9.3
EPSS Score
7.19%
Published
2008-03-17
Updated
2018-10-15

CVE-2004-1010

Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
Max CVSS
10.0
EPSS Score
17.50%
Published
2005-03-01
Updated
2018-10-03
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close