Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-1000033

Опубликовано: 07 фев. 2018
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

Отчет

This issue did not affect the versions of unzip as shipped with Red Hat Enterprise Linux 5, 6, and 7, as they did not include support for ef_scan_for_stream function.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5unzipNot affected
Red Hat Enterprise Linux 6unzipNot affected
Red Hat Enterprise Linux 7unzipNot affected
Red Hat Enterprise Linux 8unzipNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1537062unzip: Heap-based out-of-bounds access in extract.c:ef_scan_for_stream() possibly causing crash

EPSS

Процентиль: 66%
0.00513
Низкий

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-1000033

CVSS3: 9.1
ubuntu
почти 8 лет назад

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

nvd логотип

CVE-2018-1000033

CVSS3: 9.1
nvd
почти 8 лет назад

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

debian логотип

CVE-2018-1000033

CVSS3: 9.1
debian
почти 8 лет назад

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that al ...

github логотип

GHSA-9p89-vww3-h8hf

CVSS3: 9.1
github
больше 3 лет назад

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.

EPSS

Процентиль: 66%
0.00513
Низкий

3.3 Low

CVSS3