Lucene search
Alpine Linux Development TeamALPINE:CVE-2014-9636HistoryFeb 06, 2015 - 3:59 p.m.
CVE-2014-9636
2015-02-0615:59:06
Alpine Linux Development Team
security.alpinelinux.org
28
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.6
Confidence
High
EPSS
0.259
Percentile
96.7%
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.10-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.11-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.12-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.13-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.14-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.15-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.16-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.17-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
| Alpine | 3.18-main | noarch | unzip | < 6.0-r3 | UNKNOWN |
Related
cbl_mariner
cbl_mariner
CVE-2014-9636 affecting package unzip for versions less than 6.0-19
2022-04-09 06:51:51
CVE-2014-9636 affecting package unzip for versions less than 6.0-20
2024-03-19 17:21:46
CVE-2014-9636 affecting package unzip 6.0-19
2020-10-08 18:09:51
openvas
openvas
Ubuntu: Security Advisory (USN-2489-1)
2022-08-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0355-1)
2021-04-19 00:00:00
Fedora Update for unzip FEDORA-2015-1267
2015-01-31 00:00:00
nessus
nessus
Fedora 21 : unzip-6.0-18.fc21 (2015-1189)
2015-01-29 00:00:00
SUSE SLED12 / SLES12 Security Update : unzip (SUSE-SU-2015:0355-1)
2015-05-20 00:00:00
Fedora 20 : unzip-6.0-15.fc20 (2015-1267)
2015-01-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Unzip Extra Field Uncompressed Size Buffer Overflow (CVE-2014-9636)
2015-04-20 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: unzip-6.0-18.fc21
2015-01-28 19:58:39
[SECURITY] Fedora 20 Update: unzip-6.0-15.fc20
2015-01-30 04:35:06
[SECURITY] Fedora 20 Update: unzip-6.0-17.fc20
2015-02-23 23:25:28
archlinux
archlinux
unzip: arbitrary code execution
2015-03-15 00:00:00
nvd
nvd
CVE-2014-9636
2015-02-06 15:59:06
prion
prion
Out-of-bounds
2015-02-06 15:59:00
freebsd
freebsd
unzip -- out of boundary access issues in test_compr_eb
2014-11-02 00:00:00
debiancve
debiancve
CVE-2014-9636
2015-02-06 15:59:06
ubuntucve
ubuntucve
CVE-2014-9636
2014-12-31 00:00:00
cvelist
cvelist
CVE-2014-9636
2015-02-06 15:00:00
cve
cve
CVE-2014-9636
2015-02-06 15:59:06
ubuntu
ubuntu
unzip vulnerability
2015-02-03 00:00:00
debian
debian
[SECURITY] [DLA 150-1] unzip security update
2015-02-07 13:51:00
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
suse
suse
Security update for unzip (moderate)
2018-07-07 03:08:17
Security update for unzip (moderate)
2018-10-05 21:18:21
osv
osv
unzip - security update
2015-02-07 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3152-1] unzip security update
2015-02-11 00:00:00
UnZip multiple security vulnerabilities
2015-02-22 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Intrusion Prevention System (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 )
2022-02-23 19:48:26
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:17:42
centos
centos
unzip security update
2015-03-18 18:53:06
amazon
amazon
Medium: unzip
2015-04-15 21:48:00
gentoo
gentoo
UnZip: Multiple vulnerabilities
2016-11-01 00:00:00
oraclelinux
oraclelinux
unzip security update
2015-03-18 00:00:00
redhat
redhat
(RHSA-2015:0700) Moderate: unzip security update
2015-03-18 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.6
Confidence
High
EPSS
0.259
Percentile
96.7%
Related for ALPINE:CVE-2014-9636