CVE-2014-9913

Name
CVE-2014-9913
Description
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.
NVD Severity
low
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Issue Tracking https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1643750
Mailing List http://www.openwall.com/lists/oss-security/2016/12/05/20
Mailing List http://www.openwall.com/lists/oss-security/2016/12/05/19
Mailing List http://www.openwall.com/lists/oss-security/2016/12/05/13
Mailing List http://www.openwall.com/lists/oss-security/2014/11/03/5
Third Party Advisory http://www.securityfocus.com/bid/95081

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:* unzip == None == 6.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
unzip 3.14-main 6.0-r9 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.13-main 6.0-r9 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.12-main 6.0-r9 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.11-main 6.0-r7 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.15-main 6.0-r9 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.16-main 6.0-r9 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.17-main 6.0-r13 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.18-main 6.0-r14 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.19-main 6.0-r14 Timo Teräs <timo.teras@iki.fi> fixed
unzip 3.20-main 6.0-r14 Timo Teräs <timo.teras@iki.fi> fixed
unzip edge-main 6.0-r15 Timo Teräs <timo.teras@iki.fi> fixed