Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and previous versions, when running on 64-bit machines, allows context-dependent malicious users to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libarchive libarchive |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 12.04 |
||
opensuse opensuse 13.1 |
||
canonical ubuntu linux 14.10 |
||
opensuse opensuse 13.2 |
||
fedoraproject fedora 17 |
||
fedoraproject fedora 18 |
||
freebsd freebsd 9.3 |