Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-2502-1
HistoryFeb 17, 2015 - 12:00 a.m.

unzip vulnerabilities

2015-02-1700:00:00
ubuntu.com
39

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

9.5

Confidence

High

EPSS

0.063

Percentile

93.7%

JSON

Releases

  • Ubuntu 14.10
  • Ubuntu 14.04 ESM
  • Ubuntu 12.04

Packages

  • unzip - De-archiver for .zip files

Details

William Robinet discovered that unzip incorrectly handled certain
malformed zip archives. If a user or automated system were tricked into
processing a specially crafted zip archive, an attacker could possibly
execute arbitrary code.

OSVersionArchitecturePackageVersionFilename
Ubuntu14.10noarchunzip< 6.0-12ubuntu1.3UNKNOWN
Ubuntu14.04noarchunzip< 6.0-9ubuntu1.3UNKNOWN
Ubuntu12.04noarchunzip< 6.0-4ubuntu2.3UNKNOWN

Related

ubuntucve 1
cve 1
broadcom 1
prion 1
cvelist 1
nessus 2
nvd 1
openvas 2
debiancve 1
freebsd 1
securityvulns 2
mageia 1
packetstorm 1
zdt 1
ubuntucve
ubuntucve
CVE-2015-1315
2015-02-17 00:00:00
cve
cve
CVE-2015-1315
2015-02-23 17:59:00
broadcom
broadcom
Buffer overflow in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string
2023-08-29 00:00:00
prion
prion
Buffer overflow
2015-02-23 17:59:00
cvelist
cvelist
CVE-2015-1315
2015-02-23 17:00:00
nessus
nessus
FreeBSD : unzip -- heap based buffer overflow in iconv patch (3680b234-b6f0-11e4-b7cc-d050992ecde8)
2015-02-18 00:00:00
Ubuntu 14.04 LTS : unzip vulnerabilities (USN-2502-1)
2015-02-18 00:00:00
nvd
nvd
CVE-2015-1315
2015-02-23 17:59:00
openvas
openvas
Ubuntu: Security Advisory (USN-2502-1)
2015-02-18 00:00:00
Mageia: Security Advisory (MGASA-2018-0422)
2022-01-28 00:00:00
debiancve
debiancve
CVE-2015-1315
2015-02-23 17:59:00
freebsd
freebsd
unzip -- heap based buffer overflow in iconv patch
2015-02-17 00:00:00
securityvulns
securityvulns
[USN-2502-1] unzip vulnerabilities
2015-02-22 00:00:00
UnZip multiple security vulnerabilities
2015-02-22 00:00:00
mageia
mageia
Updated unzip packages fix security vulnerabilities
2018-10-30 21:01:43
packetstorm
packetstorm
InfoZip UnZip 6.00 / 6.1c22 Buffer Overflow
2018-02-07 00:00:00
zdt
zdt
InfoZip UnZip 6.00 / 6.1c22 Buffer Overflow Vulnerability
2018-02-08 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

9.5

Confidence

High

EPSS

0.063

Percentile

93.7%

JSON
Related for USN-2502-1
ubuntucve1cve1broadcom1prion1cvelist1nessus2nvd1openvas2debiancve1freebsd1securityvulns2mageia1packetstorm1zdt1