CVE-2014-9913

Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
References
Link Resource
http://www.openwall.com/lists/oss-security/2014/11/03/5 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/12/05/13 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/12/05/19 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/12/05/20 Mailing List Third Party Advisory
http://www.securityfocus.com/bid/95081 Third Party Advisory VDB Entry
https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1643750 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-01-18 17:59

Updated : 2024-02-04 19:11


NVD link : CVE-2014-9913

Mitre link : CVE-2014-9913

CVE.ORG link : CVE-2014-9913


JSON object : View

Products Affected

unzip_project

  • unzip
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer