2020-01-31 23:15:00 2020-02-05 21:40:00

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Redhat Enterprise linux workstation 7.0 * * * (not an official CPE) Redhat Enterprise linux workstation 6.0 * * * (not an official CPE) Redhat Enterprise linux server tus 7.7 * * * (not an official CPE) Redhat Enterprise linux server tus 7.6 * * * (not an official CPE) Redhat Enterprise linux server tus 7.3 * * * (not an official CPE) Redhat Enterprise linux server tus 6.6 * * * (not an official CPE) Redhat Enterprise linux server eus 7.7 * * * (not an official CPE) Redhat Enterprise linux server eus 7.6 * * * (not an official CPE) Redhat Enterprise linux server eus 7.5 * * * (not an official CPE) Redhat Enterprise linux server eus 7.4 * * * (not an official CPE) Redhat Enterprise linux server eus 7.3 * * * (not an official CPE) Redhat Enterprise linux server eus 7.2 * * * (not an official CPE) Redhat Enterprise linux server eus 7.1 * * * (not an official CPE) Redhat Enterprise linux server eus 6.6 * * * (not an official CPE) Redhat Enterprise linux server aus 7.7 * * * (not an official CPE) Redhat Enterprise linux server aus 7.6 * * * (not an official CPE) Redhat Enterprise linux server aus 7.4 * * * (not an official CPE) Redhat Enterprise linux server aus 7.3 * * * (not an official CPE) Redhat Enterprise linux server aus 6.6 * * * (not an official CPE) Redhat Enterprise linux server 7.0 * * * (not an official CPE) Redhat Enterprise linux server 6.0 * * * (not an official CPE) Redhat Enterprise linux desktop 7.0 * * * (not an official CPE) Redhat Enterprise linux desktop 6.0 * * * (not an official CPE)