Unzip, when processing specially crafted ZIP aarchives, could pass invalid pointers to the C library's free routing, potentially leading to arbitrary code execution. The risk is MEDIUM. Could pass invalid pointers to the C library's free routine, potentially leading to arbitrary code execution.
More...