Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Software | From | Fixed in |
---|---|---|
redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
redhat / enterprise_linux_server | 6.0 | 6.0.x |
redhat / enterprise_linux_server | 7.0 | 7.0.x |
redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
redhat / enterprise_linux_server_eus | 6.6 | 6.6.x |
redhat / enterprise_linux_server_eus | 7.1 | 7.1.x |
redhat / enterprise_linux_server_eus | 7.2 | 7.2.x |
redhat / enterprise_linux_server_eus | 7.3 | 7.3.x |
redhat / enterprise_linux_server_eus | 7.4 | 7.4.x |
redhat / enterprise_linux_server_eus | 7.5 | 7.5.x |
redhat / enterprise_linux_server_eus | 7.6 | 7.6.x |
redhat / enterprise_linux_server_tus | 6.6 | 6.6.x |
redhat / enterprise_linux_server_tus | 7.3 | 7.3.x |
redhat / enterprise_linux_server_tus | 7.6 | 7.6.x |
redhat / enterprise_linux_server_tus | 7.7 | 7.7.x |
unzip_project / unzip | - | 6.0.x |