Main Vulnerability Database Exploits ID:8233 - Exploit for Out-of-bounds write in UnZip - CVE-2022-0529

ID:8233 - Exploit for Out-of-bounds write in UnZip - CVE-2022-0529

Published: August 9, 2022

Vulnerability identifier: #VU66220

Vulnerability risk: High

CVE-ID: CVE-2022-0529

CWE-ID: CWE-787

Exploitation vector: Remote access

Vulnerable software:
UnZip

Link to public exploit:

https://github.com/ByteHackr/unzip_poc

Vulnerability description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing zip archives during the conversion of a UTF-8 string to a local string. A remote attacker can create a specially crafted zip file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:8233 - Exploit for Out-of-bounds write in UnZip - CVE-2022-0529

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human