|Max CVSS||10.0||Min CVSS||1.2||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses
|19-10-2018 - 15:41||31-12-2005 - 05:00|
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) W
|12-10-2018 - 21:31||10-10-2002 - 04:00|
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
|03-10-2018 - 21:29||01-03-2005 - 05:00|
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
|11-10-2017 - 01:30||05-08-2005 - 04:00|
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
|11-10-2017 - 01:29||16-06-2003 - 04:00|
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
|18-10-2016 - 03:12||02-05-2005 - 04:00|