CVE-2015-7696

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-11-06 18:59

Updated : 2023-12-10 11:46


NVD link : CVE-2015-7696

Mitre link : CVE-2015-7696

CVE.ORG link : CVE-2015-7696


JSON object : View

Products Affected

debian

  • debian_linux

unzip_project

  • unzip

canonical

  • ubuntu_linux
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer