CVE-2012-1163 — Integer Overflow or Wraparound in Libzip

CWE-189 CWE-190 — Integer Overflow or Wraparound9 documents6 sources

Severity

6.8MEDIUMNVD

EPSS

1.4%

top 19.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libzip Debian Libzip NIH Libzip

Timeline

PublishedJul 12

Latest updateMay 17

Description

Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/libzip< libzip 0.10.1-1 (bookworm)

▶Debianlibzip/libzip< 0.10.1-1+3

▶NVDnih/libzip0.10

🔴Vulnerability Details

GHSA

GHSA-29xg-c3jw-cp68: Integer overflow in the _zip_readcdir function in zip_open↗2022-05-17

▶

OSV

CVE-2012-1163: Integer overflow in the _zip_readcdir function in zip_open↗2012-07-12

▶

📋Vendor Advisories

Red Hat

libzip: integer overflow when processing malformed zip file↗2012-03-20

▶

Debian

CVE-2012-1163: libzip - Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allo...↗2012

▶

💬Community

Bugzilla

CVE-2012-3548 wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector↗2012-08-21

▶

Bugzilla

CVE-2012-1162 CVE-2012-1163 libzip various flaws [fedora-all]↗2012-03-20

▶

Bugzilla

CVE-2012-1162 CVE-2012-1163 php various flaws [fedora-all]↗2012-03-20

▶

Bugzilla

CVE-2012-1163 libzip: integer overflow when processing malformed zip file↗2012-03-13

▶