USN-2502-1: unzip vulnerabilities
17 February 2015
unzip could be made to run programs if it opened a specially crafted file.
- unzip - De-archiver for .zip files
William Robinet discovered that unzip incorrectly handled certain
malformed zip archives. If a user or automated system were tricked into
processing a specially crafted zip archive, an attacker could possibly
execute arbitrary code.