https://sourceforge.net/p/infozip/bugs/75/Recent changes to 75: zip: CVE-2018-13410enTue, 22 Apr 2025 22:17:10 -0000https://sourceforge.net/p/infozip/bugs/75/<div class="markdown_content"><p>Hello. This is Debian Bug #903196 and this is the full URL for the bug:</p> <p><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903196" rel="nofollow">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903196</a></p> <p>Follows a summary of the bug.</p> <p>Salvatore Bonaccorso writes:</p> <div class="codehilite"><pre><span></span><code>The<span class="w"> </span>following<span class="w"> </span>vulnerability<span class="w"> </span>was<span class="w"> </span>published<span class="w"> </span>for<span class="w"> </span>zip.<span class="w"> </span>Note<span class="w"> </span>it<span class="w"> </span>is<span class="w"> </span>really disputed<span class="w"> </span>as<span class="w"> </span>security<span class="w"> </span>issue,<span class="w"> </span>filling<span class="w"> </span>this<span class="w"> </span>bug<span class="w"> </span>only<span class="w"> </span>for<span class="w"> </span>tracking<span class="w"> </span>the underlying<span class="w"> </span>bug<span class="w"> </span>in<span class="w"> </span>case<span class="w"> </span>it<span class="w"> </span>get's<span class="w"> </span>fixed.<span class="w"> </span>A<span class="w"> </span>possible<span class="w"> </span>attack<span class="w"> </span>scenario would<span class="w"> </span>involve<span class="w"> </span>an<span class="w"> </span>untrusted<span class="w"> </span>party<span class="w"> </span>which<span class="w"> </span>controls<span class="w"> </span>the<span class="w"> </span>-TT<span class="w"> </span>value.<span class="w"> </span>Still fill<span class="w"> </span>a<span class="w"> </span>but<span class="w"> </span>for<span class="w"> </span>tracking<span class="w"> </span>the<span class="w"> </span>bug/issue. CVE-2018-13410[0]: |<span class="w"> </span>**<span class="w"> </span><span class="nt">&lt;A</span><span class="w"> </span><span class="na">HREF=</span><span class="s">"https://cve.mitre.org/about/faqs.html#disputed_signify_in_cve_entry"</span><span class="nt">&gt;</span>DISPUTED<span class="nt">&lt;/A&gt;</span><span class="w"> </span>**<span class="w"> </span>Info-ZIP<span class="w"> </span>Zip<span class="w"> </span>3.0,<span class="w"> </span>when<span class="w"> </span>the<span class="w"> </span>-T<span class="w"> </span>and<span class="w"> </span>-TT<span class="w"> </span>command-line |<span class="w"> </span>options<span class="w"> </span>are<span class="w"> </span>used,<span class="w"> </span>allows<span class="w"> </span>attackers<span class="w"> </span>to<span class="w"> </span>cause<span class="w"> </span>a<span class="w"> </span>denial<span class="w"> </span>of<span class="w"> </span>service |<span class="w"> </span>(invalid<span class="w"> </span>free<span class="w"> </span>and<span class="w"> </span>application<span class="w"> </span>crash)<span class="w"> </span>or<span class="w"> </span>possibly<span class="w"> </span>have<span class="w"> </span>unspecified<span class="w"> </span>other |<span class="w"> </span>impact<span class="w"> </span>because<span class="w"> </span>of<span class="w"> </span>an<span class="w"> </span>off-by-one<span class="w"> </span>error.<span class="w"> </span>NOTE:<span class="w"> </span>it<span class="w"> </span>is<span class="w"> </span>unclear<span class="w"> </span>whether |<span class="w"> </span>there<span class="w"> </span>are<span class="w"> </span>realistic<span class="w"> </span>scenarios<span class="w"> </span>in<span class="w"> </span>which<span class="w"> </span>an<span class="w"> </span>untrusted<span class="w"> </span>party<span class="w"> </span>controls<span class="w"> </span>the |<span class="w"> </span>-TT<span class="w"> </span>value,<span class="w"> </span>given<span class="w"> </span>that<span class="w"> </span>the<span class="w"> </span>entire<span class="w"> </span>purpose<span class="w"> </span>of<span class="w"> </span>-TT<span class="w"> </span>is<span class="w"> </span>execution<span class="w"> </span>of |<span class="w"> </span>arbitrary<span class="w"> </span>commands. If<span class="w"> </span>you<span class="w"> </span>fix<span class="w"> </span>the<span class="w"> </span>vulnerability<span class="w"> </span>please<span class="w"> </span>also<span class="w"> </span>make<span class="w"> </span>sure<span class="w"> </span>to<span class="w"> </span>include<span class="w"> </span>the CVE<span class="w"> </span>(Common<span class="w"> </span>Vulnerabilities<span class="w"> </span><span class="err">&amp;</span><span class="w"> </span>Exposures)<span class="w"> </span>id<span class="w"> </span>in<span class="w"> </span>your<span class="w"> </span>changelog<span class="w"> </span>entry. For<span class="w"> </span>further<span class="w"> </span>information<span class="w"> </span>see: [0]<span class="w"> </span>https://security-tracker.debian.org/tracker/CVE-2018-13410 <span class="w"> </span>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13410 [1]<span class="w"> </span>http://seclists.org/fulldisclosure/2018/Jul/24 </code></pre></div> </div>Santiago VilaTue, 22 Apr 2025 22:17:10 -0000https://sourceforge.net12c4c1b6df8d2daaae81607434eabf63bfcc614a