Published: 17/07/2019 Updated: 02/06/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Zipios prior to 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32() and zipfile.cpp:Zipfile::Zipfile().

Vulnerable Product	Search on Vulmon	Subscribe to Product
zipios project zipios

Debian Bug report logs - #932556 zipios++: CVE-2019-13453 Package: src:zipios++; Maintainer for src:zipios++ is Debian QA Group <packages@qadebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 20 Jul 2019 15:57:02 UTC Severity: important Tags: security, upstream Found in versions zipios++/0 ...

Several security issues were fixed in FlightCrew ...

Zipios could be made to crash or consume system resources if it received specially crafted input ...

CWE-835 https://salvatoresecurity.com/fun-with-fuzzers-how-i-discovered-three-vulnerabilities-part-2-of-3/https://sourceforge.net/p/zipios/news/2019/07/version-017-cve-/http://www.securityfocus.com/bid/109282 https://lists.debian.org/debian-lts-announce/2022/05/msg00041.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932556 https://nvd.nist.gov https://usn.ubuntu.com/4055-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-13453

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect