Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and previous versions allows user-assisted remote malicious users to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcrypt mcrypt 2.6.5 |
||
mcrypt mcrypt 2.6.4 |
||
mcrypt mcrypt |
||
mcrypt mcrypt 2.6.7 |
||
mcrypt mcrypt 2.6.6 |