CVE-2018-13410

CRITICAL

Zip - Use After Free

Title source: rule

Description

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value, given that the entire purpose of -TT is execution of arbitrary commands

Exploits (1)

nomisec NO CODE 1 stars

by shinecome · poc

https://github.com/shinecome/zip

View Code ZIP pw:eip

References (1)

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2018/Jul/24

Scores

CVSS v3 9.8

EPSS 0.0791

EPSS Percentile 92.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-416

Status published

Products (1)

info-zip_project/zip 3.0

Published Jul 06, 2018

Tracked Since Feb 18, 2026