|Package(s):||infozip||CVE #(s):||CAN-2003-0282 CAN-2004-1010 CAN-2005-0602|
|Created:||May 2, 2005||Updated:||August 1, 2005|
|Description:||InfoZip reports that Zip 2.3 and (presumably) all previous versions have a buffer-overrun vulnerability relating to deep directory paths that could potentially lead to local privilege escalation (e.g., in the case of automated, Zip-based backups). All versions of UnZip through 5.50 have a number of directory-traversal vulnerabilities.|
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds