CVE-2005-4667

N/A Unknown

Published: December 31, 2005 Modified: April 16, 2026

Description

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0930.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/25098

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1012

Source: cve@mitre.org

Patch Vendor Advisory

http://www.info-zip.org/FAQ.html

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:050

Source: cve@mitre.org

http://www.osvdb.org/22400

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2007-0203.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/430300/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/15968

Source: cve@mitre.org

Exploit

http://www.trustix.org/errata/2006/0006

Source: cve@mitre.org

Patch Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11252

Source: cve@mitre.org

https://usn.ubuntu.com/248-1/

Source: cve@mitre.org

https://usn.ubuntu.com/248-2/

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0930.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://secunia.com/advisories/25098

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2006/dsa-1012

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.info-zip.org/FAQ.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:050

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/22400

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2007-0203.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/430300/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15968

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.trustix.org/errata/2006/0006

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11252

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/248-1/

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/248-2/

Source: af854a3a-2127-422b-91ae-364da2661108

26 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

3.1%

87th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

info-zip

Related CVEs

CVE-2026-41279 N/A

CVE-2026-41278 N/A

CVE-2026-41277 N/A

CVE-2026-41276 N/A

CVE-2026-41275 N/A