CVE-2017-5979

🗓️ 01 Mar 2017 00:00:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 24 Views

CVE-2017-5979 prescan_entry function vulnerability in zziplib 0.13.6

Reporter	Title	Published	Views	Family All 57
FreeBSD	zziplib - multiple vulnerabilities	1 Mar 201700:00	–	freebsd
AlpineLinux	CVE-2017-5979	1 Mar 201715:00	–	alpinelinux
ArchLinux	[ASA-201705-15] zziplib: multiple issues	12 May 201700:00	–	archlinux
CNVD	ZZIPlib 'precan_entry' NULL Pointer Reference Denial of Service Vulnerability	17 Feb 201700:00	–	cnvd
CVE	CVE-2017-5979	1 Mar 201715:00	–	cve
Cvelist	CVE-2017-5979	1 Mar 201715:00	–	cvelist
Debian	[SECURITY] [DLA 994-1] zziplib security update	20 Jun 201720:23	–	debian
Debian	[SECURITY] [DSA 3878-1] zziplib security update	12 Jun 201718:53	–	debian
Debian CVE	CVE-2017-5979	1 Mar 201715:00	–	debiancve
Tenable Nessus	Debian DLA-994-1 : zziplib security update	21 Jun 201700:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	14.04	any	zziplib	0.13.62-2ubuntu0.1	zziplib_0.13.62-2ubuntu0.1_any.deb
Ubuntu	16.04	any	zziplib	0.13.62-3ubuntu0.16.04.1	zziplib_0.13.62-3ubuntu0.16.04.1_any.deb
Ubuntu	16.10	any	zziplib	0.13.62-3ubuntu0.16.10.1	zziplib_0.13.62-3ubuntu0.16.10.1_any.deb
Ubuntu	17.04	any	zziplib	0.13.62-3ubuntu0.17.04.1	zziplib_0.13.62-3ubuntu0.17.04.1_any.deb

Source	Link
blogs	www.blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c/
ubuntu	www.ubuntu.com/security/notices/USN-3320-1
cve	www.cve.org/CVERecord

25 Aug 2025 22:35Current

6.3Medium risk

Vulners AI Score6.3

CVSS 24.3

CVSS 35.5

EPSS0.00128

cve-2017-5979 prescan_entry zziplib 0.13.62 remote attackers denial of service null pointer dereference crash crafted zip file bugs debian