IBM Information for VU#383779
ZIP archives containing files with large filenames can cause buffer overflows
- Vendor Information Help Date Notified: 16 Jul 2002
- Statement Date:
- Date Updated: 08 Oct 2002
The AIX operating system is not vulnerable to the ZIP archive exploits mentioned above through the compression/decompression utilities that ship with the base operating system.
As always, it's a good idea to list the contents of any archive file before unpacking and understand what changes may result from that action.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.