An integer overflow flaw, leading to a heap-based buffer overflow, was found in
the way libzip, which is embedded in PHP, processed certain ZIP archives. If an
attacker were able to supply a specially crafted ZIP archive to an application
using libzip, it could cause the application to crash or, possibly, execute
arbitrary code.