Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

Gentoo: GLSA-200704-05 Normal: Zziplib Buffer Overflow Remote Execution

gentoo
Calendar Grey April 4, 2007
Dist Gentoo Esm H88
Gentoo has issued updates regarding an important zziplib vulnerability that presents a buffer overflow risk, which might enable remote code execution. It is advised to upgrade promptly.
The zziplib library contains a buffer overflow vulnerability that could lead to user-assisted remote execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200704-05 https://security.gentoo.org/ Severity: Normal Title: zziplib: Buffer Overflow Date: April 03, 2007 Bugs: #171441 ID: 200704-05

Synopsis ======= The zziplib library contains a buffer overflow vulnerability that could lead to user-assisted remote execution of arbitrary code.
Background ========= The zziplib library is a lightweight library for extracting data from files archived in a single zip file.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/zziplib < 0.13.49 >= 0.13.49
========== dmcox dmcox discovered a boundary error in the zzip_open_shared_io() function from zzip/file.c .
Impact ===== A remote a...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround