CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9636

unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.65

EPSS Ranking 98.4%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2014-9636

Unzip Project » Unzip » Version: 6.0

cpe:2.3:a:unzip_project:unzip:6.0
Canonical » Ubuntu Linux » Version: 10.04

cpe:2.3:o:canonical:ubuntu_linux:10.04
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 14.10

cpe:2.3:o:canonical:ubuntu_linux:14.10
Debian » Debian Linux » Version: 7.0

cpe:2.3:o:debian:debian_linux:7.0
Fedoraproject » Fedora » Version: 20

cpe:2.3:o:fedoraproject:fedora:20
Fedoraproject » Fedora » Version: 21

cpe:2.3:o:fedoraproject:fedora:21

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9636

Products

Pricing

Contact Us