← back
CVE-2015-1315

CVE-2015-1315

EPSS 4.9%
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/580961/comments/120http://www.conostix.com/pub/adv/CVE-2015-1315-Info-ZIP-unzip-Out-of-bounds_Write.txthttp://www.openwall.com/lists/oss-security/2015/02/17/4http://www.ubuntu.com/usn/USN-2502-1