Computer Security
[EN] securityvulns.ru no-pyccku


libarchive integer overflow
Published:06.05.2013
Source:
SecurityVulns ID:13060
Type:library
Threat Level:
5/10
Description:Integer overflow on zip file creation leads to buffer overflow.
Affected:LIBARCHIVE : libarchive 3.0
CVE:CVE-2013-0211 (Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:147 ] libarchive (06.05.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod