Security Advisory

CVE-2012-1163

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-12 20:00:00
Last updated 2024-09-17 00:26:22
Assigner redhat
State PUBLISHED

Description

Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.