CVE-2018-18384
Summary
| CVE | CVE-2018-18384 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2018-10-16 16:50:00 UTC |
|---|
| Updated | 2019-12-16 20:24:00 UTC |
|---|
| Description | Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Bug 1110194 – VUL-1: CVE-2018-18384: unzip: buffer overflow in list_files when printing into buffer with insufficient size |
MISC |
bugzilla.suse.com |
Exploit, Issue Tracking, Patch, Third Party Advisory |
| [security-announce] openSUSE-SU-2019:1117-1: moderate: Security update f |
SUSE |
lists.opensuse.org |
|
| Red Hat Customer Portal |
REDHAT |
access.redhat.com |
|
| Info-ZIP project / Bugs / #53 Insufficient cfactorstr[] size |
MISC |
sourceforge.net |
Patch, Third Party Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 377448 Alibaba Cloud Linux Security Update for unzip (ALINUX2-SA-2019:0081)
- 500712 Alpine Linux Security Update for unzip
- 504485 Alpine Linux Security Update for unzip
- 900181 CBL-Mariner Linux Security Update for unzip 6.0
- 901735 Common Base Linux Mariner (CBL-Mariner) Security Update for unzip (6942-1)
- 903677 Common Base Linux Mariner (CBL-Mariner) Security Update for unzip (1805)
