CVE-2014-8140 in Unzipproject and Red Hat Products
Published on January 31, 2020

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

NVD

Products Associated with CVE-2014-8140

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-8140 are published in these products:

Unzipproject Unzip

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Workstation

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Eus

Red Hat Enterprise Linux Server Tus

Affected Versions

Info-ZIP UnZip Version 6.0 and earlier is affected by CVE-2014-8140

Exploit Probability

EPSS

8.07%

Percentile

92.03%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-8140 in Unzipproject and Red Hat ProductsPublished on January 31, 2020

Products Associated with CVE-2014-8140

Affected Versions

Exploit Probability

CVE-2014-8140 in Unzipproject and Red Hat Products
Published on January 31, 2020