system/unzip: multiple vulnerabilities
Bugzilla ID | 123 |
Alias(es) | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2014-9636, CVE-2014-9913, CVE-2015-7696, CVE-2015-7697, CVE-2016-9844, CVE-2018-18384, CVE-2019-13232 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2019-07-29 04:10:28 -0500 |
Modified | 2020-06-12 19:30:04 -0500 |
Status | RESOLVED FIXED |
Version | 1.0-BETA3 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
Description
CVE-2014-9636: https://nvd.nist.gov/vuln/detail/CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service
(out-of-bounds read or write and crash) via an extra field with an
uncompressed size smaller than the compressed field size in a zip
archive that advertises STORED method compression.
CVE-2014-9913: https://nvd.nist.gov/vuln/detail/CVE-2014-9913
Buffer overflow in the list_files function in list.c in Info-Zip UnZip
6.0 allows remote attackers to cause a denial of service (crash) via
vectors related to the compression method.
CVE-2015-7696: https://nvd.nist.gov/vuln/detail/CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of
service (heap-based buffer over-read and application crash) or
possibly execute arbitrary code via a crafted password-protected ZIP
archive, possibly related to an Extra-Field size value.
CVE-2015-7697: https://nvd.nist.gov/vuln/detail/CVE-2015-7697
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of
service (infinite loop) via empty bzip2 data in a ZIP archive.
CVE-2016-9844: https://nvd.nist.gov/vuln/detail/CVE-2016-9844
Buffer overflow in the zi_short function in zipinfo.c in Info-Zip
UnZip 6.0 allows remote attackers to cause a denial of service (crash)
via a large compression method value in the central directory file
header.
CVE-2018-18384: https://nvd.nist.gov/vuln/detail/CVE-2018-18384
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive
has a crafted relationship between the compressed-size value and the
uncompressed-size value, because a buffer size is 10 and is supposed
to be 12.
CVE-2019-13232: https://nvd.nist.gov/vuln/detail/CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP
container, leading to denial of service (resource consumption), aka a
"better zip bomb" issue.