NVD

Id
43172  
Name
CVE-2012-1162  
Description
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-07-12  
Modified Date
2012-07-13  
Seq
2012-1162  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
217327 43172 CVE-2012-1162 [libzip-discuss] 20120320 libzip-0.10.1 security fix release  View
217328 43172 CVE-2012-1162 GLSA-201203-23  View
217329 43172 CVE-2012-1162 MDVSA-2012:034  View
217330 43172 CVE-2012-1162 http://www.nih.at/libzip/NEWS.html  View
217331 43172 CVE-2012-1162 [oss-security] 20120321 CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip  View
217332 43172 CVE-2012-1162 [oss-security] 20120329 Re: CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27368 JVNDB-2012-003075 libzip の zip_open.c におけるヒープベースのバッファオーバーフローの脆弱性 libzip の zip_open.c 内の _zip_readcdir 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2012-1162 54400 CVE-2012-1162 43172 7.5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003075.html 2012-03-20 2012-07-17 View