CVE-2018-1000033: unzip: Heap-based out-of-bounds access in extract.c:ef_scan_for_stream() possibly causing crash

Severity: Critical

CVSS Score: 9.1

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.