FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-04-02 19:38:06 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
40549bbf-43b5-11d9-a9e7-0001020eed82	zip -- long path buffer overflow A HexView security advisory reports: When zip performs recursive folder compression, it does not check for the length of resulting path. If the path is too long, a buffer overflow occurs leading to stack corruption and segmentation fault. It is possible to exploit this vulnerability by embedding a shellcode in directory or file name. While the issue is not of primary concern for regular users, it can be critical for environments where zip archives are re-compressed automatically using Info-Zip application. Discovery 2004-10-03 Entry 2004-12-01 Modified 2004-12-12 zip < 2.3_2 CVE-2004-1010 11603 http://www.hexview.com/docs/20041103-1.txt

VuXML ID

Description

40549bbf-43b5-11d9-a9e7-0001020eed82

zip -- long path buffer overflow

A HexView security advisory reports:

When zip performs recursive folder compression, it does not check for the length of resulting path. If the path is too long, a buffer overflow occurs leading to stack corruption and segmentation fault. It is possible to exploit this vulnerability by embedding a shellcode in directory or file name. While the issue is not of primary concern for regular users, it can be critical for environments where zip archives are re-compressed automatically using Info-Zip application.

Discovery 2004-10-03
Entry 2004-12-01
Modified 2004-12-12
zip

< 2.3_2

CVE-2004-1010
11603
http://www.hexview.com/docs/20041103-1.txt