Azure Linux 3.0 Security Update: zziplib (CVE-2017-5974)

The version of zziplib installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-5974 advisory. - Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.5...

CVE-2017-5974 affecting package zziplib for versions less than 0.13.74-1

CVE-2017-5974 affecting package zziplib for versions less than 0.13.74-1. An upgraded version of the package is available that resolves this issue...

Linux Distros Unpatched Vulnerability : CVE-2017-5974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers...

RHEL 7 : zziplib (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zziplib: uncontrolled memory allocation in zzipparserootdirectory in zzip/zip.c CVE-2018-6869 - Heap-base...

Mageia: Security Advisory (MGASA-2017-0163)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for zziplib (EulerOS-SA-2021-1240)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 28 : zziplib (2018-237e9b550c)

Update zziplib to 0.13.69 version, fixes all known CVEs for the package. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

[SECURITY] [DLA 994-1] zziplib security update

Package : zziplib Version : 0.13.56-1.1+deb7u1 CVE ID : CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5978 CVE-2017-5979 CVE-2017-5980 CVE-2017-5981 CVE-2017-5974 Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib allows remote attackers to cause a denial of service...

Debian DSA-3878-1 : zziplib - security update

Agostino Sarubbo discovered multiple vulnerabilities in zziplib, a library to access Zip archives, which could result in denial of service and potentially the execution of arbitrary code if a malformed archive is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

openSUSE Security Update : zziplib (openSUSE-2017-554)

This update for zziplib fixes the following issues : Secuirty issues fixed : - CVE-2017-5974: heap-based buffer overflow in zzipget32 fetch.c bsc1024517 - CVE-2017-5975: heap-based buffer overflow in zzipget64 fetch.c bsc1024528 - CVE-2017-5976: heap-based buffer overflow in zzipmementryextrabloc...

AZL-43603 CVE-2017-5974 affecting package zziplib 0.13.72-3

Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service crash via a crafted ZIP file...

CVE-2017-5974

Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service crash via a crafted ZIP file...

CVE-2017-5974

CVE-2017-5974 affects zziplib, with heap-based buffer overflow in __zzip_get32 (fetch.c) in zziplib 0.13.62 (and earlier 0.13.56–0.13.61) that can crash the process or, per some advisories, enable arbitrary code execution when processing crafted ZIP files. Multiple advisories confirm affected ver...

CVE-2017-5974

Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service crash via a crafted ZIP file...

CVE-2017-5974

Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service crash via a crafted ZIP file...

CVE-2017-5974

Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service crash via a crafted ZIP file...

CVE-2017-5974

Heap-based buffer overflow in the zzipget32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service crash via a crafted ZIP file...