Unrated severityNVD Advisory· Published Feb 6, 2015· Updated May 6, 2026
CVE-2014-9636
CVE-2014-9636
Description
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- www.info-zip.org/phpBB3/viewtopic.phpnvdPatchVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-January/148792.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-January/148849.htmlnvd
- seclists.org/oss-sec/2014/q4/1131nvd
- seclists.org/oss-sec/2014/q4/489nvd
- seclists.org/oss-sec/2014/q4/496nvd
- seclists.org/oss-sec/2015/q1/216nvd
- secunia.com/advisories/62738nvd
- secunia.com/advisories/62751nvd
- www.debian.org/security/2015/dsa-3152nvd
- www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlnvd
- www.securityfocus.com/bid/71825nvd
- www.ubuntu.com/usn/USN-2489-1nvd
- security.gentoo.org/glsa/201611-01nvd
News mentions
0No linked articles in our index yet.