CVE-2012-1163
Publication date 12 July 2012
Last updated 24 July 2024
Ubuntu priority
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.
Status
Package | Ubuntu Release | Status |
---|---|---|
libzip | ||