CVE-2005-4667

Published: 31 December 2005

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.

Priority

Unknown

Status

Package Release Status
unzip
Launchpad, Ubuntu, Debian
Upstream Needs triage