PT-2018-1912 · Info Zip+5 · Info-Zip Unzip+5

Kristýna Streitová

Published

2018-09-28

Updated

2024-06-15

CVE-2018-18384

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Info-ZIP UnZip version 6.0

Description The issue is caused by a buffer overflow in the list.c file of the Info-ZIP UnZip archiver. This occurs when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, due to a buffer size mismatch, where the size is 10 but should be 12. Exploitation of this issue may allow an attacker to execute arbitrary code.

Recommendations For Info-ZIP UnZip version 6.0, consider applying a patch or update that fixes the buffer size mismatch in the list.c file to prevent the buffer overflow. As a temporary workaround, restrict the use of crafted ZIP archives to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2020-3276

ALT-PU-2020-3281

ALT-PU-2020-3294

AZL-35340

AZL-6942

BDU:2018-01516

BDU:2019-03597

CESA-2019_2159

CVE-2018-18384

OPENSUSE-SU-2019:1117-1

OPENSUSE-SU-2019_1117-1

OPENSUSE-SU-2024:11485-1

RHSA-2019:2159

RHSA-2019_2159

SUSE-SU-2019:0707-1

SUSE-SU-2019:13984-1

SUSE-SU-2019_0707-1

SUSE-SU-2019_13984-1

SUSE-SU-2020:1796-1

SUSE-SU-2020_1796-1

USN-4672-1

Affected Products

Alt Linux

Centos

Info-Zip Unzip

Red Hat

Suse

Ubuntu

PT-2018-1912 · Info Zip+5 · Info-Zip Unzip+5

CVE-2018-18384

Weakness Enumeration

Related Identifiers

Affected Products

References · 49