NVD

Id
43173  
Name
CVE-2012-1163  
Description
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-07-12  
Modified Date
2012-07-16  
Seq
2012-1163  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
217333 43173 CVE-2012-1163 [libzip-discuss] 20120320 libzip-0.10.1 security fix release  View
217334 43173 CVE-2012-1163 GLSA-201203-23  View
217335 43173 CVE-2012-1163 MDVSA-2012:034  View
217336 43173 CVE-2012-1163 http://www.nih.at/libzip/NEWS.html  View
217337 43173 CVE-2012-1163 [oss-security] 20120321 CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip  View
217338 43173 CVE-2012-1163 [oss-security] 20120329 Re: CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27369 JVNDB-2012-003076 libzip の zip_open.c における整数オーバーフローの脆弱性 libzip の zip_open.c 内の _zip_readcdir 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2012-1163 54401 CVE-2012-1163 43173 6.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003076.html 2012-03-20 2012-07-17 View