Knowledge Library
Knowledge Library Home
Knowledge Library Home Knowledge Library Products Operating Systems Wind River Linux Wind River Linux 8 User Space Development LIN8-10002 : Security Advisory - unzip - CVE-2018-18384

LIN8-10002 : Security Advisory - unzip - CVE-2018-18384

Table of contents
Defect #: LIN8-10002
Found In Version8.0.0.28
Fix Version8.0.0.28
Severity:Standard
Status:Fixed
Created Date:10/31/2018
Component/s :Userspace
Sub Component:unzip

Description

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.

https://nvd.nist.gov/vuln/detail/CVE-2018-18384

Downloads


KLID_DEFECT (use as Content ID for linking):  KLID_DEFECT_57908
 
Last modified