Download
| Alert*
oval:org.secpod.oval:def:204980
The zziplib is a lightweight library to easily extract data from zip files. Security Fix: * zziplib: out of bound read in mmapped.c:zzip_disk_fread causes crash * zziplib: Bus error in zip.c:__zzip_parse_root_directory cause crash via crafted zip file * zziplib: Memory leak in memdisk.c:zzip_mem_d ... oval:org.secpod.oval:def:1502365 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502519 The zziplib is a lightweight library to easily extract data from zip files. Security Fix: * zziplib: out of bound read in mmapped.c:zzip_disk_fread causes crash * zziplib: Bus error in zip.c:__zzip_parse_root_directory cause crash via crafted zip file * zziplib: Memory leak in memdisk.c:zzip_mem_d ... oval:org.secpod.oval:def:1700134 An improper input validation was found in function __zzip_fetch_disk_trailer of ZZIPlib, up to 0.13.68, that could lead to a crash in __zzip_parse_root_directory function of zzip/ip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.A memory lea ... oval:org.secpod.oval:def:704145 zziplib: library providing read access on ZIP-archives - library zziplib could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:51066 zziplib: library providing read access on ZIP-archives - library zziplib could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:115092 The zziplib library is intentionally lightweight, it offers the ability to easily extract data from files archived in a single zip file. Applications can bundle files into a single zip archive and access them. The implementation is based only on the subset of compression with the zlib algorithm whi ... oval:org.secpod.oval:def:2000106 An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service. |