- Home
- CVEs with nessus.description==This update for unzip fixes the following security issues :
- CVE-2014-9913: Specially crafted zip files could trigger
invalid memory writes possibly resulting in DoS or
corruption (bsc#1013993)
- CVE-2015-7696: Specially crafted zip files with password
protection could trigger a crash and lead to denial of
service (bsc#950110)
- CVE-2015-7697: Specially crafted zip files could trigger
an endless loop and lead to denial of service
(bsc#950111)
- CVE-2016-9844: Specially crafted zip files could trigger
invalid memory writes possibly resulting in DoS or
corruption (bsc#1013992)
- CVE-2018-1000035: Prevent heap-based buffer overflow in
the processing of password-protected archives that
allowed an attacker to perform a denial of service or to
possibly achieve code execution (bsc#1080074).
- CVE-2014-9636: Prevent denial of service (out-of-bounds
read or write and crash) via an extra field with an
uncompressed size smaller than the compressed field size
in a zip archive that advertises STORED method
compression (bsc#914442).
This non-security issue was fixed :
- Allow processing of Windows zip64 archives (Windows
archivers set total_disks field to 0 but per standard,
valid values are 1 and higher) (bnc#910683)
This update was imported from the SUSE:SLE-12:Update update project.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top