Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libzip缓冲区溢出漏洞
Vulnerability Description
libzip是软件开发者Dieter Baron和Thomas Klausner共同研发的一个用于读取、创建和修改zip压缩包的C库。 libzip 0.10版本中存在漏洞,该源于漏洞在处理目录项数时"_zip_readcdir()"函数(zip_open.c)中存在的错误。攻击者可利用该漏洞借助特制ZIP文件导致基于堆得缓冲区溢出,在受影响应用程序中执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A