CVE-2005-4667

EPSS 3.1%

unzip - buffer overflow

Published: 12/31/2005Modified: 4/28/2026

Description

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.

Affected packages (2)

Debian/unzipfrom 0, < 5.52-7
Debian/unzipfrom 0, < 5.50-1woody6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-4667