Download
| Alert*
oval:org.secpod.oval:def:39290
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:602933 Agostino Sarubbo discovered multiple vulnerabilities in zziplib, a library to access Zip archives, which could result in denial of service and potentially the execution of arbitrary code if a malformed archive is processed. oval:org.secpod.oval:def:51820 zziplib: library providing read access on ZIP-archives zziplib could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703655 zziplib: library providing read access on ZIP-archives zziplib could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:114860 The zziplib library is intentionally lightweight, it offers the ability to easily extract data from files archived in a single zip file. Applications can bundle files into a single zip archive and access them. The implementation is based only on the subset of compression with the zlib algorithm whi ... |