Lucene search
Veracode Vulnerability DatabaseVERACODE:11624HistoryJan 15, 2019 - 9:05 a.m.
Denial Of Service (DoS)
2019-01-1509:05:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
EPSS
0.007
Percentile
79.6%
unzip is vulnerable to denial of service. The checksum of the extra fields of a file is not properly computed, which results in a buffer overflow when a malicious zip archive is processed with -t option, allowing a remote attacker to crash the application.
References
www.ocert.org/advisories/ocert-2014-011.html
www.securitytracker.com/id/1031433
access.redhat.com/errata/RHSA-2015:0700
access.redhat.com/security/cve/CVE-2014-8139
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1174844
rhn.redhat.com/errata/RHSA-2015-0700.html
Related
cbl_mariner
cbl_mariner
CVE-2014-8139 affecting package unzip for versions less than 6.0-20
2024-03-19 17:21:46
CVE-2014-8139 affecting package unzip 6.0-19
2020-10-08 18:09:51
CVE-2014-8139 affecting package unzip for versions less than 6.0-19
2022-04-09 06:51:51
debiancve
debiancve
CVE-2014-8139
2020-01-31 22:15:10
alpinelinux
alpinelinux
CVE-2014-8139
2020-01-31 22:15:10
nvd
nvd
CVE-2014-8139
2020-01-31 22:15:10
osv
osv
unzip - security update
2015-02-03 00:00:00
CVE-2014-8139
2020-01-31 22:15:10
unzip - security update
2015-02-07 00:00:00
ubuntucve
ubuntucve
CVE-2014-8139
2014-12-28 00:00:00
cvelist
cvelist
CVE-2014-8139
2020-01-31 22:00:28
nessus
nessus
CBL Mariner 2.0 Security Update: unzip (CVE-2014-8139)
2024-07-03 00:00:00
SuSE 11.3 Security Update : unzip (SAT Patch Number 10344)
2015-02-26 00:00:00
Debian DLA-150-1 : unzip security update
2015-03-26 00:00:00
prion
prion
Heap overflow
2020-01-31 22:15:00
cve
cve
CVE-2014-8139
2020-01-31 22:15:10
securityvulns
securityvulns
[SECURITY] [DSA 3152-1] unzip security update
2015-02-11 00:00:00
[oCERT-2014-011] UnZip input sanitization errors
2014-12-23 00:00:00
UnZip multiple security vulnerabilities
2015-02-22 00:00:00
debian
debian
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
[SECURITY] [DLA 150-1] unzip security update
2015-02-07 13:51:00
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
openvas
openvas
Debian Security Advisory DSA 3152-1 (unzip - security update)
2015-02-03 00:00:00
Debian: Security Advisory (DLA-150-1)
2023-03-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0377-1)
2021-06-09 00:00:00
freebsd
freebsd
unzip -- input sanitization errors
2014-12-03 00:00:00
mageia
mageia
Updated unzip package fixes security vulnerabilities
2014-12-31 15:28:04
archlinux
archlinux
unzip: arbitrary code execution
2015-01-10 00:00:00
f5
f5
ubuntu
ubuntu
unzip vulnerabilities
2015-01-14 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:17:42
centos
centos
unzip security update
2015-03-18 18:53:06
ibm
ibm
oraclelinux
oraclelinux
unzip security update
2015-03-18 00:00:00
gentoo
gentoo
UnZip: Multiple vulnerabilities
2016-11-01 00:00:00
photon
photon
redhat
redhat
(RHSA-2015:0700) Moderate: unzip security update
2015-03-18 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: unzip-6.0-20.fc21
2015-02-16 03:25:55
[SECURITY] Fedora 20 Update: unzip-6.0-17.fc20
2015-02-23 23:25:28
amazon
amazon
Medium: unzip
2015-04-15 21:48:00
slackware
slackware
[slackware-security] infozip
2019-03-01 20:58:06