path: root/data/DTSA/advs/56-zziplib.adv
blob: 6c7cd85afb1a7b6c6dca9eb8731a43d448e6f70d
source: zziplib
date: September 4th, 2007
author: Nico Golde
vuln-type: buffer overflow
problem-scope: remote
debian-specifc: no
cve: CVE-2007-1614
vendor-advisory:
testing-fix: 0.12.83-8lenny1
sid-fix: 0.13.49-0
upgrade: apt-get upgrade

The zziplib library is prone to a stack-based buffer overflow
which might allow remote attackers to execute arbitrary code
or cause a denial of service (application crash) via a long file name.

CVE-2007-1614

Stack-based buffer overflow in the zzip_open_shared_io function
in zzip/file.c in ZZIPlib Library before 0.13.49 allows
user-assisted remote attackers to cause a denial of service
(application crash) or execute arbitrary code via a long
filename.
