Computer Security
[EN] securityvulns.ru
libzip security vulnerabilities
updated since 25.03.2012
Published: 02.04.2012
Source:
SecurityVulns ID: 12285
Type: library
Threat Level: 6/10
Description: Buffer overflow and integer overflow in zip file parsing.
Affected: LIBZIP: libzip 0.10
CVE: CVE-2012-1163 (Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.)
 CVE-2012-1162 (Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct.")
Original documents: Timo Warns, [PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip (02.04.2012)
 MANDRIVA, [ MDVSA-2012:034 ] libzip (25.03.2012)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


