CVE-2012-1162 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libzip

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources

Severity

7.5HIGHNVD

EPSS

2.0%

top 16.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libzip Debian Libzip NIH Libzip

Timeline

PublishedJul 12

Latest updateMay 17

Description

Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/libzip< libzip 0.10.1-1 (bookworm)

▶Debianlibzip/libzip< 0.10.1-1+3

▶NVDnih/libzip0.10

🔴Vulnerability Details

GHSA

GHSA-m749-r8jf-5h5g: Heap-based buffer overflow in the _zip_readcdir function in zip_open↗2022-05-17

▶

OSV

CVE-2012-1162: Heap-based buffer overflow in the _zip_readcdir function in zip_open↗2012-07-12

▶

📋Vendor Advisories

Red Hat

libzip: heap overflow flaw when processing malformed zip file↗2012-03-20

▶

Debian

CVE-2012-1162: libzip - Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip...↗2012

▶

💬Community

Bugzilla

CVE-2012-1162 CVE-2012-1163 libzip various flaws [fedora-all]↗2012-03-20

▶

Bugzilla

CVE-2012-1162 CVE-2012-1163 php various flaws [fedora-all]↗2012-03-20

▶

Bugzilla

CVE-2012-1162 libzip: heap overflow flaw when processing malformed zip file↗2012-03-12

▶