CVE-2018-6541

Synopsis Low: zziplib security update Type/Severity Security Advisory: Low Topic An update for zziplib is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...

zziplib could be made to crash or run programs as your login if it opened a specially crafted file ...

Debian Bug report logs - #910335 zziplib: CVE-2018-16548: Memory leak triggered in the function __zzip_parse_root_directory in zipc Package: src:zziplib; Maintainer for src:zziplib is Scott Howard <showard@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 4 Oct 2018 21:18:02 UTC Severity ...

Debian Bug report logs - #923659 zziplib: CVE-2018-6540: bus error in zzip_disk_findfirst function in zzip/mmappedc Package: src:zziplib; Maintainer for src:zziplib is Scott Howard <showard@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 3 Mar 2019 12:27:02 UTC Severity: important Tags ...

Debian Bug report logs - #889096 zziplib: CVE-2018-6381: Invalid memory access in zzip_disk_fread Package: src:zziplib; Maintainer for src:zziplib is Scott Howard <showard@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 1 Feb 2018 21:15:01 UTC Severity: important Tags: fixed-upstream, p ...

Debian Bug report logs - #889089 zziplib: CVE-2018-6484: Bus error in __zzip_fetch_disk_trailer Package: src:zziplib; Maintainer for src:zziplib is Scott Howard <showard@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 1 Feb 2018 21:00:13 UTC Severity: important Tags: fixed-upstream, pat ...

Debian Bug report logs - #913165 zziplib: CVE-2018-7726 CVE-2018-7725 Package: src:zziplib; Maintainer for src:zziplib is Scott Howard <showard@debianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 7 Nov 2018 18:54:02 UTC Severity: grave Tags: patch, security, upstream Found in version zziplib/0 ...

An issue was discovered in ZZIPlib through 01369 There is a memory leak triggered in the function __zzip_parse_root_directory in zipc, which will lead to a denial of service attack(CVE-2018-16548) In ZZIPlib 01367, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk ...

In ZZIPlib 01367, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zipc) Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file ...