Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2018-6484
HistoryFeb 01, 2018 - 5:29 a.m.

CVE-2018-6484

2018-02-0105:29:00
[email protected]
web.nvd.nist.gov
40
cve-2018-6484
zziplib
memory alignment error
denial of service
zip file
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.4%

JSON

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

Affected configurations

NVD
Node
zziplib_projectzziplibMatch0.13.67
Node
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch17.10
OR
canonicalubuntu_linuxMatch18.04lts

Related

prion 1
debiancve 1
osv 2
nvd 1
veracode 1
redhatcve 1
ubuntucve 3
cvelist 1
fedora 2
openvas 7
nessus 10
debian 1
ubuntu 1
mageia 1
freebsd 1
prion
prion
Design/Logic Flaw
2018-02-01 05:29:00
debiancve
debiancve
CVE-2018-6484
2018-02-01 05:29:00
osv
osv
CVE-2018-6484
2018-02-01 05:29:00
zziplib - security update
2020-06-28 00:00:00
nvd
nvd
CVE-2018-6484
2018-02-01 05:29:00
veracode
veracode
Denial Of Service (DoS)
2018-02-01 08:27:54
redhatcve
redhatcve
CVE-2018-6484
2018-02-02 06:49:48
ubuntucve
ubuntucve
CVE-2018-6484
2018-02-01 00:00:00
CVE-2018-6541
2018-02-02 00:00:00
CVE-2018-6869
2018-02-09 00:00:00
cvelist
cvelist
CVE-2018-6484
2018-02-01 05:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: zziplib-0.13.68-1.fc27
2018-02-20 17:20:57
[SECURITY] Fedora 27 Update: zziplib-0.13.69-1.fc27
2018-09-13 17:07:13
openvas
openvas
Fedora Update for zziplib FEDORA-2018-8d544ee879
2018-02-21 00:00:00
Fedora Update for zziplib FEDORA-2018-45183aab17
2018-09-14 00:00:00
Debian: Security Advisory (DLA-2258-1)
2020-06-29 00:00:00
nessus
nessus
Fedora 27 : zziplib (2018-8d544ee879)
2018-02-21 00:00:00
openSUSE Security Update : zziplib (openSUSE-2018-215)
2018-02-28 00:00:00
SUSE SLED12 Security Update : zziplib (SUSE-SU-2018:0548-1)
2018-02-28 00:00:00
debian
debian
[SECURITY] [DLA 2258-1] zziplib security update
2020-06-28 12:37:46
ubuntu
ubuntu
zziplib vulnerabilities
2018-07-03 00:00:00
mageia
mageia
Updated zziplib packages fix security vulnerability
2019-02-21 01:18:01
freebsd
freebsd
zziplib - multiple vulnerabilities
2017-03-01 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.4%

JSON
Related for CVE-2018-6484
prion1debiancve1osv2nvd1veracode1redhatcve1ubuntucve3cvelist1fedora2openvas7nessus10debian1ubuntu1mageia1freebsd1