oCERT Releases Advisory for Unpatched UnZip Vulnerability

Original release date: December 22, 2014

The Open Source Computer Security Incident Response Team (oCERT) has released an advisory addressing vulnerabilities in all versions of UnZip. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system if a user opens a specially crafted zip file.

US-CERT recommends users and administrators to review the oCERT Advisory for more details.

This product is provided subject to this Notification and this Privacy & Use policy.