CVE-2008-0888

Name of the Vulnerable Software and Affected Versions unzip (affected versions not specified)

Description The issue is related to the NEEDBITS macro in the inflate dynamic function in inflate.c, which can be invoked using invalid buffers. This allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.