Oval Definition: oval:org.mitre.oval:def:20339
Revision Date: 2014-06-23
Version: 6
Title: DSA-1522-1 unzip - potential code execution
Description: Tavis Ormandy discovered that unzip, when processing specially crafted ZIP archives, could pass invalid pointers to the C library's free routine, potentially leading to arbitrary code execution (CVE-2008-0888).
Family: unix
Class: patch
Status: ACCEPTED
Reference(s): CVE-2008-0888, DSA-1522-1
Platform(s): Debian GNU/Linux 4.0
Product(s): unzip
Definition Synopsis
Debian GNU/Linux 4.0 is installed.
AND
unzip DPKG is earlier than 0:5.52-9etch1