8 matches found
openSUSE Security Update : libzip (openSUSE-SU-2012:0416-1)
2 vulnerabilities were discovered for the libzip packages in openSUSE version 12.1. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-176. The text description of this plugin is C...
Fedora Update for libzip FEDORA-2012-4485
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2012-1162
Heap-based buffer overflow in the zipreadcdir function in zipopen.c in libzip 0.10 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."...
CVE-2012-1162
CVE-2012-1162 affects libzip 0.10 and is caused by a heap-based buffer overflow in the _zip_readcdir function within zip_open.c. Exploitation occurs via a crafted ZIP archive where the number of directories is set to 0, enabling a remote attacker to trigger an application crash (DoS) and potentia...
Fedora 17 : libzip-0.10.1-1.fc17 (2012-4485)
Upstream changelog : - Fixed CVE-2012-1162 - Fixed CVE-2012-1163 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...
[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip
PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2012-02 Released on: 21st March 2012 Affected products: libzip = 0.10 PHP 5.4.0 PHP = 5.3.10 zipruby = 0.3.6 Impact: heap overflow, information leak Credit: - Thomas Klausner - Timo Warns PRESENSE Technologies GmbH CVE...
libzip 0.1 "_zip_readcdir()" 函数缓冲器溢出漏洞(CVE-2012-1162)
BUGTRAQ ID: 52658 CVE ID: CVE-2012-1162 libzip是读取、创建和修改zip文档的库 libzip在处理目录项数时, "zipreadcdir" 函数中存在错误,通过特制的ZIP文件,可造成堆缓冲器溢出,导致在受影响应用程序中执行任意代码 0 libzip 0.1 厂商补丁: libzip ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://nih.at/libzip/index.html...
Mandriva Linux Security Advisory : libzip (MDVSA-2012:034)
Multiple vulnerabilities has been found and corrected in libzip : libzip version = 0.10 uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files CVE-2012-1162. libzip version = 0.10 has a numeric overflow condition, which, for example, results in improper...