CVE-2012-4025

Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow.

Date published : 2012-07-19

http://www.securityfocus.com/bid/54610

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0001