PT-2016-3238 · Info Zip+3 · Unzip+3

Martin Carpenter

Publicado

2016-11-03

Atualizado

2020-12-16

CVE-2014-9913

CVSS v3.1

4.0

Média

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Info-ZIP Unzip version 6.0

Description The issue is caused by a buffer overflow in the list files function, located in list.c, which can be exploited by a remote attacker to cause a denial of service through vectors related to the compression method.

Recommendations For Info-ZIP Unzip version 6.0, consider disabling the list files function as a temporary workaround until a patch is available. Restrict access to the compression method to minimize the risk of exploitation.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2020-3276

ALT-PU-2020-3281

ALT-PU-2020-3294

AZL-35335

AZL-6937

BDU:2018-00031

BDU:2018-00032

CVE-2014-9913

DLA-741-1

MGASA-2017-0015

OPENSUSE-SU-2018_3043-1

SUSE-SU-2017:0639-1

SUSE-SU-2017_0639-1

SUSE-SU-2018:2978-1

USN-4672-1

Produtos afetados

Alt Linux

Suse

Ubuntu

Unzip

PT-2016-3238 · Info Zip+3 · Unzip+3

CVE-2014-9913

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 49