This security bulletin contains one low risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a local non-authenticated attacker to perform service disruption.
Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.Mitigation
Install update from vendor's website.Vulnerable software versions
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?