exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2014-8139

Status Candidate

Overview

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Related Files

Slackware Security Advisory - infozip Updates
Posted Mar 4, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New infozip packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384
MD5 | 8f809ffda4bef4c8b546a9321848782d
Gentoo Linux Security Advisory 201611-01
Posted Nov 1, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-1 - Multiple vulnerabilities have been found in UnZip allowing remote attackers to execute arbitrary code and cause Denial of Service. Versions less than 6.0_p20 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2014-9636
MD5 | a582e983ee01584452d768eeb54e3930
Apple Security Advisory 2015-06-30-2
Posted Jul 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-2 - OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege escalation, arbitrary code execution, access bypass, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2015-0209, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293, CVE-2015-1157, CVE-2015-1798, CVE-2015-1799, CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, CVE-2015-3668, CVE-2015-3671, CVE-2015-3672, CVE-2015-3673
MD5 | 32e0fef51b76ce3c73ed6338172843e8
Mandriva Linux Security Advisory 2015-123
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-123 - Updated unzip package fix multiple security vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
MD5 | 0a51d6b85e2c61fc7dd06d5bccafb45b
Red Hat Security Advisory 2015-0700-01
Posted Mar 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0700-01 - The unzip utility is used to list, test, or extract files from a zip archive. A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2014-9636
MD5 | cf9f2af4a3853ef8397ab56550e16af3
Ubuntu Security Notice USN-2472-1
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2472-1 - Wolfgang Ettlinger discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
MD5 | da5c0e6b8241b299b823f5c162e89d1a
Mandriva Linux Security Advisory 2015-016
Posted Jan 8, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-016 - The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification. the test_compr_eb() and the getZip64Data(). functions. The input errors may result in in arbitrary code execution. A specially crafted zip file, passed to the command unzip -t, can be used to trigger the vulnerability. OOB access (both read and write) issues also exist in test_compr_eb() that can result in application crash or other unspecified impact. A specially crafted zip file, passed to the command unzip -t, can be used to trigger the issues.

tags | advisory, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
MD5 | 706c3ed21bc217e6ab70ff5c1daee028
Debian Security Advisory 3113-1
Posted Dec 29, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3113-1 - Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function (CVE-2014-8139), the test_compr_eb() function (CVE-2014-8140) and the getZip64Data() function (CVE-2014-8141), which may lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
MD5 | f7566e7e2f5fa878a32d60492911d388
UnZip 6.0 Heap Buffer Overflow
Posted Dec 22, 2014
Authored by Andrea Barisani, Open Source CERT

UnZip versions 6.0 and below suffer from multiple heap-based buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
MD5 | 66cf95c1412baffc97b43c0603b6fd01
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close