CVE-2015-1315

Info-Zip UnZip <6.10b - RCE

Title source: llm
STIX 2.1

Description

Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/02/17/4
Patch, Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2502-1

Scores

EPSS 0.0490
EPSS Percentile 91.0%

Details

CWE
CWE-119
Status published
Products (4)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 14.10
info-zip/unzip 6.10b
Published Feb 23, 2015
Tracked Since Feb 18, 2026