CVE-2017-5976

Priority
Description
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in
memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of
service (crash) via a crafted ZIP file.
Assigned-to
mdeslaur
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was deferred [2017-05-04])
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [0.13.62-2ubuntu0.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (0.13.62-3ubuntu0.16.04.1)
More Information

Updated: 2019-12-05 18:49:23 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)