19 matches found
Advisory ROSA-SA-2021-2006
Software: zziplib 0.13.62 OS: Cobalt 7.9 CVE-ID: CVE-2017-5977 CVE-Crit: MEDIUM CVE-DESC: The zzipmementryextrablock function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted ZIP file. CVE-STATUS: default CVE-REV:...
EulerOS 2.0 SP3 : zziplib (EulerOS-SA-2018-1397)
According to the versions of the zziplib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zziplib: out of bound read in mmapped.c:zzipdiskfread causes crash.CVE-2018-7725 - zziplib: Bus error in zip.c:zzipparserootdirectory cause cras...
Memory corruption
An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzipmemdisknew in memdisk.c, which will lead to a denial of service attack...
Undefined Behaviour Or Denial Of Service (DoS)
zziplib is vulnerable to undefined behavior or denial of service DoS attacks. The vulnerability exists because there is a flaw that causes the loading of a misaligned address in memdisk.c...
Denial Of Service (DoS) Through An Invalid Memory Read And Crash
zziplib is vulnerable to denial of service DoS attacks. Attackers are able to cause invalid memory reads and crashes through a ZIP file when it is processed in the zzipmementryextrablock function in memdisk.c...
Denial Of Service (DoS)
zziplib is vulnerable to denial of service DoS attacks. These attacks can be performed using a ZIP file in memdisk.c to cause out-of-bound reads and crashes...
Denial Of Service (DoS) Through Null Pointer Dereference
zziblip is vulnerable to denial of service DoS attacks. These attacks are possible using a zip file in memdisk.c allowing attackers to cause a null pointer dereference and crash...
DEBIAN-CVE-2017-5977
The zzipmementryextrablock function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted ZIP file...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read. The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted ZIP file. Remediation There is no fixed version for zziplib...
Null pointer dereference
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted ZIP file...
Out-of-bounds
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted ZIP file...
Design/Logic Flaw
The zzipmementryextrablock function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted ZIP file...
CVE-2017-5980
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted ZIP file...
CVE-2017-5978
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted ZIP file...
CVE-2017-5980
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted ZIP file...
CVE-2017-5978
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted ZIP file...
UBUNTU-CVE-2017-5978
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted ZIP file...
CVE-2017-5980
The zzipmementrynew function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted ZIP file...
CVE-2017-5977
The zzipmementryextrablock function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted ZIP file...