Info Zip · Info-Zip Unzip · CVE-2016-9844
**Name of the Vulnerable Software and Affected Versions**
Info-Zip Unzip version 6.0
**Description**
The issue is a buffer overflow in the `zi_short` function in the `zipinfo.c` file of the Info-Zip Unzip file archiver, caused by an out-of-bounds memory operation. A remote attacker may exploit it to cause a denial of service (a crash) through vectors related to the compression method, specifically by using a large compression method value in the central directory file header.
**Recommendations**
For Info-Zip Unzip version 6.0, consider applying a patch or update that fixes the buffer overflow in the `zi_short` function to prevent potential denial of service attacks. As a temporary workaround, restrict the use of large compression method values in the central directory file header to minimize the risk of exploitation.
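
One way to apply the temporary workaround is to screen archives before they are handed to `unzip` or `zipinfo`. The following is an added example, not Info-Zip code: it walks the central directory and reports entries whose compression method is outside an allowlist. The allowlist contents, the function names and the sample bytes are assumptions made for illustration; ZIP64 archives and archives with prepended data are not handled.

```python
import struct

EOCD_SIG = b"PK\x05\x06"  # end of central directory record
CDH_SIG = b"PK\x01\x02"   # central directory file header
# Policy assumption: stored, deflate, deflate64, bzip2 and LZMA are accepted.
ALLOWED_METHODS = frozenset({0, 8, 9, 12, 14})


def suspicious_entries(data, allowed=ALLOWED_METHODS):
    """Return [(name, method)] for central directory entries whose
    compression method is not in `allowed`. Raises ValueError when the
    directory is structurally broken, so callers can reject the file."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or eocd + 22 > len(data):
        raise ValueError("no end-of-central-directory record")
    count, cd_size, cd_off = struct.unpack_from("<HII", data, eocd + 10)
    if cd_off + cd_size > eocd:
        raise ValueError("central directory out of bounds")
    flagged, pos = [], cd_off
    for _ in range(count):
        if pos + 46 > eocd or data[pos:pos + 4] != CDH_SIG:
            raise ValueError("bad central directory header")
        method = struct.unpack_from("<H", data, pos + 10)[0]
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        end = pos + 46 + name_len + extra_len + comment_len
        if end > eocd:
            raise ValueError("truncated central directory entry")
        if method not in allowed:
            name = data[pos + 46:pos + 46 + name_len].decode("cp437")
            flagged.append((name, method))
        pos = end
    return flagged


def constructed_directory(method, name=b"a.txt"):
    """Constructed sample: one central directory header plus the end
    record, with no file data behind it."""
    cdh = struct.pack("<4sHHHHHHIIIHHHHHII", CDH_SIG, 20, 20, 0, method,
                      0, 0, 0, 0, 0, len(name), 0, 0, 0, 0, 0, 0) + name
    eocd = struct.pack("<4sHHHHIIH", EOCD_SIG, 0, 0, 1, 1, len(cdh), 0, 0)
    return cdh + eocd


if __name__ == "__main__":
    for m in (8, 0xFFFF):
        print(m, suspicious_entries(constructed_directory(m)))
```

A non-empty result, or a `ValueError`, is a reason to quarantine the archive rather than pass it to an unpatched Unzip 6.0.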