CVE-2005-4667

EPSS 3.1%

unzip - buffer overflow

發布日:2005/12/31修改日:2026/4/28

也稱為:DEBIAN-CVE-2005-4667

描述

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.

受影響套件(2)

Debian/unzipfrom 0, < 5.52-7
Debian/unzipfrom 0, < 5.50-1woody6

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-4667