Vulnerabilities

CVE-2012-1163

by Fred · 12/07/2012

Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.

Date published : 2012-07-12

http://www.nih.at/libzip/NEWS.html

http://www.gentoo.org/security/en/glsa/glsa-201203-23.xml

Similar

Tags: Cybersecurity Alert