CVE-2018-13410

ADVISORY - nist

Summary

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value, given that the entire purpose of -TT is execution of arbitrary commands

EPSS Score⁠: 0.08591 (0.921)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-416⁠

Use After Free

Impacted images

Advisories

NIST

CREATED

8 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2018-13410⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

9.8critical

Debian

CREATED

8 years ago

UPDATED

11 days ago

ADVISORY IDCVE-2018-13410⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

8 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2018-13410⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.8low

Photon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

CVE-2018-13410

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.8critical