CVE-2018-1000035 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	No
Type	Arbitrary code execution
Description	A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-611	unzip	6.0-14	6.0-15	Medium	Fixed

References
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-infozip-unzip/ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838 https://sources.debian.org/data/main/u/unzip/6.0-21+deb9u2/debian/patches/20-cve-2018-1000035-unzip-buffer-overflow.patch

References

https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-infozip-unzip/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838
https://sources.debian.org/data/main/u/unzip/6.0-21+deb9u2/debian/patches/20-cve-2018-1000035-unzip-buffer-overflow.patch