CVE-2005-4667: Buffer Overflow
First published: Sat Dec 31 2005(Updated: )
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Info-ZIP Zip | =5.2 | |
| Info-ZIP Zip | =5.3 | |
| Info-ZIP Zip | =5.31 | |
| Info-ZIP Zip | =5.32 | |
| Info-ZIP Zip | =5.40 | |
| Info-ZIP Zip | =5.41 | |
| Info-ZIP Zip | =5.42 | |
| Info-ZIP Zip | =5.50 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/15968
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0930.html
- http://www.osvdb.org/22400
- http://www.trustix.org/errata/2006/0006
- http://www.debian.org/security/2006/dsa-1012
- http://www.redhat.com/support/errata/RHSA-2007-0203.html
- http://secunia.com/advisories/25098
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:050
- http://www.info-zip.org/FAQ.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11252
- https://usn.ubuntu.com/248-2/
- https://usn.ubuntu.com/248-1/
- http://www.securityfocus.com/archive/1/430300/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2005-4667?
CVE-2005-4667 has a low severity rating due to its requirement for user-assisted exploitation.
How does CVE-2005-4667 allow code execution?
CVE-2005-4667 allows attackers to execute arbitrary code by triggering a buffer overflow through a long filename argument.
Which versions of UnZip are affected by CVE-2005-4667?
CVE-2005-4667 affects UnZip versions 5.31 and earlier, including 5.50.
How can I mitigate the vulnerability described in CVE-2005-4667?
To mitigate CVE-2005-4667, avoid using affected versions of UnZip and ensure that long filename arguments are not passed.
What types of systems are at risk from CVE-2005-4667?
Systems using vulnerable versions of UnZip that are exposed to user-provided input may be at risk from CVE-2005-4667.
- agent/type
- agent/first-publish-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/info-zip
- canonical/info-zip zip
- version/info-zip zip/5.2
- version/info-zip zip/5.3
- version/info-zip zip/5.31
- version/info-zip zip/5.32
- version/info-zip zip/5.40
- version/info-zip zip/5.41
- version/info-zip zip/5.42
- version/info-zip zip/5.50