7 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a...
Mageia: Security Advisory (MGASA-2017-0163)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for zziplib (EulerOS-SA-2021-1240)
The remote host is missing an update for the Huawei EulerOS...
[ASA-201801-17] zziplib: denial of service
Arch Linux Security Advisory ASA-201801-17 ========================================== Severity: Medium Date : 2018-01-18 CVE-ID : CVE-2017-5977 CVE-2017-5978 Package : zziplib Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-273 Summary ======= The package zziplib...
openSUSE Security Update : zziplib (openSUSE-2017-554)
This update for zziplib fixes the following issues: Security issues fixed: - CVE-2017-5974: heap-based buffer overflow in __zzip_get32 (fetch.c) (bsc#1024517) - CVE-2017-5975: heap-based buffer overflow in __zzip_get64 (fetch.c) (bsc#1024528) - CVE-2017-5976: heap-based buffer overflow in zzip_mem_entry_extra_bloc...
CVE-2017-5977
The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file...
CVE-2017-5977
CVE-2017-5977 affects zziplib 0.13.62 (memdisk.c): the zzip_mem_entry_extra_block function allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file. Public advisories note this as a vulnerability in zziplib and indicate upgrades to 0.13.67 or lat...