First published: Tue Sep 20 2016(Updated: )
The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libarchive Libarchive | <=3.1.901a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.