Buffer Overflow in Info-ZIP UnZip 6.0's list.c due to Crafted Relationship in ZIP Archive

Buffer Overflow in Info-ZIP UnZip 6.0's list.c due to Crafted Relationship in ZIP Archive

CVE-2018-18384 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.

Learn more about our Web Application Penetration Testing UK.