Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
{ "binaries": [ { "binary_name": "unzip", "binary_version": "6.0-9ubuntu1.1" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }