Info-ZIP UnZip File Name Buffer Overflow Vulnerability

Info-ZIP 'unzip' is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

This issue allows attackers to execute arbitrary machine code in the context of users running the affected application.


 

Privacy Statement
Copyright 2010, SecurityFocus