Shodan
Vulnerabilities
Vulnerable Software
Info-Zip:  Security Vulnerabilities
CVE-2013-5659
Wiz 5.0.3 has a user mode write access violation
CVSS Score
7.5
EPSS Score
0.003
Published
2020-01-27
CVE-2018-1000031
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2018-02-09
CVE-2018-1000032
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2018-02-09
CVE-2018-1000033
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
CVSS Score
9.1
EPSS Score
0.005
Published
2018-02-09
CVE-2018-1000034
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
CVSS Score
9.1
EPSS Score
0.004
Published
2018-02-09
CVE-2015-1315
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
CVSS Score
7.5
EPSS Score
0.106
Published
2015-02-23
CVE-2005-4667
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.
CVSS Score
3.7
EPSS Score
0.031
Published
2005-12-31
CVE-2005-2475
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
CVSS Score
1.2
EPSS Score
0.001
Published
2005-08-05
CVE-2005-0602
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
CVSS Score
6.2
EPSS Score
0.0
Published
2005-05-02
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
CVSS Score
10.0
EPSS Score
0.061
Published
2005-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved