FreeBSD Bugzilla – Attachment 165091 Details for
Bug 204413
archivers/unzip multiple vulnerabilities
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
VuXML entry to be added
vuxml.raw (text/plain), 1.04 KB, created by
Emanuel Haupt
on 2016-01-05 06:01:17 UTC
(
hide
)
Description:
VuXML entry to be added
Filename:
MIME Type:
Creator:
Emanuel Haupt
Created:
2016-01-05 06:01:17 UTC
Size:
1.04 KB
patch
obsolete
> <vuln vid="86c3c66e-b2f5-11e5-863a-b499baebfeaf"> > <topic>archivers/unzip -- multiple vulnerabilities</topic> > <affects> > <package> > <name>archivers/unzip</name> > <range><lt>6.0_7</lt></range> > </package> > </affects> > <description> > <body xmlns="http://www.w3.org/1999/xhtml"> > <p>Gustavo Grieco reports:</p> > <blockquote cite="http://www.openwall.com/lists/oss-security/2015/09/07/4"> > <p>Two issues were found in unzip 6.0:</p> > <p> * A heap overflow triggered by unzipping a file with password > (e.g unzip -p -P x sigsegv.zip).</p> > <p> * A denegation of service with a file that never finishes unzipping > (e.g. unzip sigxcpu.zip).</p> > </blockquote> > </body> > </description> > <references> > <url>http://www.openwall.com/lists/oss-security/2015/09/07/4</url> > <freebsdpr>ports/204413</freebsdpr> > <cvename>CVE-2015-7696</cvename> > <cvename>CVE-2015-7697</cvename> > </references> > <dates> > <discovery>2015-09-26</discovery> > <entry>2016-01-04</entry> > </dates> > </vuln>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=165091">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 204413
:
165057
| 165091