nih (not invented here) libzip 0.10

CPE Details

nih (not invented here) libzip 0.10
nih
libzip
0.10
2012-07-13
12h45 +00:00
2012-07-25
13h29 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:nih:libzip:0.10:*:*:*:*:*:*:*

Informations

Vendor

nih

Product

libzip

Version

0.10

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2015-2331 2015-03-30 08h00 +00:00 Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
7.5
CVE-2012-1162 2012-07-12 20h00 +00:00 Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."
7.5
CVE-2012-1163 2012-07-12 20h00 +00:00 Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.
6.8