Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "6.0-9ubuntu1.1", "binary_name": "unzip" } ] }