FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

unzip -- input sanitization errors

Affected packages
unzip <= 6.0_2

Details

VuXML ID d9360908-9d52-11e4-87fd-10bf48e1088e
Discovery 2014-12-03
Entry 2015-01-16

oCERT reports:

The UnZip tool is an open source extraction utility for archives compressed in the zip format.

The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification, the test_compr_eb() and the getZip64Data() functions. The input errors may result in arbitrary code execution.

A specially crafted zip file, passed to unzip -t, can be used to trigger the vulnerability.

[source]

References

CVE Name CVE-2014-8139
CVE Name CVE-2014-8140
CVE Name CVE-2014-8141
URL http://www.info-zip.org/UnZip.html
URL https://bugzilla.redhat.com/show_bug.cgi?id=1174844
URL https://bugzilla.redhat.com/show_bug.cgi?id=1174856
URL https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8140

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.