Astra Linux – Vulnerability in zziplib

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service through the zzipFetchDiskTrailer function located in the /zzip/zip.c file...

Azure Linux 3.0 Security Update: zziplib (CVE-2024-39134)

The version of zziplib installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39134 advisory. - A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via...

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c.

...

The vulnerability of the __zzip_fetch_disk_trailer() function in the /zzip/zip.c component of the ZZIPlib compression library allows a hacker to induce a service failure.

The vulnerability of the zzipFetchFetchDiskTrailer function in the /zzip/zip.c component of the ZZIPlib compression library is related to the copying of buffers without checking the input data. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

OESA-2024-2327 zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Applications can bundle files into a single zip archive and access them. The implementation is based only on the free subset of compression with the zlib algorithm which is actually used by the zip/unzip tools. Security...

SUSE CVE-2024-39134

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c...

DEBIAN-CVE-2024-39134

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c...

AZL-44745 CVE-2024-39134 affecting package zziplib for versions less than 0.13.74-1

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c...

AZL-43669 CVE-2024-39134 affecting package zziplib 0.13.72-3

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c...

UBUNTU-CVE-2024-39134

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow through the zzipfetchdisktrailer function. An attacker can disrupt service and potentially execute arbitrary code by sending specially crafted inputs. Remediation Upgrade zziplib to version 0.13.78 or higher...

ZZIPlib security vulnerability

ZZIPlib is a compressed document extraction library. A security vulnerability exists in ZZIPlib version v0.13.77, which stems from a denial of service vulnerability in the zzipfetchdisktrailer function of the /zzip/zip.c file...

The vulnerability of the __zzipFetchFetchDiskTrailer function in the ZZIPlib library allows a hacker to trigger a service failure.

The vulnerability of the zzipfetchdisktrailer function in the ZZIPlib compression library is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by using a specially created zip file...

The vulnerability of the `__zzip_fetch_disk_trailer` function in the ZZIPlib compression library, which stems from insufficient validation of input data, allows attackers to trigger a service failure.

The vulnerability of the zzipfetchdisktrailer function in the ZZIPlib compression library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures by using a specially created zip file...

Updated zziplib packages fix security vulnerability

In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzipdiskfread function zzip/mmapped.c because the size variable is not validated against the amount of file-stored data CVE-2018-6381. An unaligned memory access bug was found in the way ZZIPlib handled ZIP...

zziplib: Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted zip file

An improper input validation was found in function zzipfetchdisktrailer of ZZIPlib, up to 0.13.68, that could lead to a crash in zzipparserootdirectory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

ZZIPlib Denial of Service Vulnerability (CNVD-2018-05513)

ZZIPlib is a set of lightweight file compression tools. A security vulnerability exists in the 'zzipfetchdisktrailer' function of the zzip/zip.c file in ZZIPlib version 0.13.67. A remote attacker can exploit this vulnerability to cause a denial of service with a specially crafted zip file...

Denial Of Service (DoS)

ZZIPlib is vulnerable to denial of service DoS attacks. It is possible that a zip file will cause a bus error due to the loading of a misaligned address in the zzipfetchdisktrailer function...

DEBIAN-CVE-2018-6541

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address when handling disk64trailer local entries in zzipfetchdisktrailer zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

UBUNTU-CVE-2018-6541

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address when handling disk64trailer local entries in zzipfetchdisktrailer zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...