GNU Libextractor 'EXTRACTOR_zip_extract_method()' Function Out-of-Bounds Read Vulnerability
BID:105254
CVE-2018-16430 |Info
GNU Libextractor 'EXTRACTOR_zip_extract_method()' Function Out-of-Bounds Read Vulnerability
| Bugtraq ID: | 105254 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2018-16430 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 03 2018 12:00AM |
| Updated: | Sep 03 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
GNU libextractor 0.4.2 GNU libextractor 1.7 GNU libextractor 1.6 GNU libextractor 1.4 |
| Not Vulnerable: | |
Discussion
GNU Libextractor 'EXTRACTOR_zip_extract_method()' Function Out-of-Bounds Read Vulnerability
GNU Libextractor is prone to an out-of-bounds read vulnerability.
Attackers can exploit this issue to crash the application denying service to legitimate users or disclose sensitive information that may aid in further attacks.
GNU Libextractor through 1.7 are vulnerable; other versions may also be affected.
GNU Libextractor is prone to an out-of-bounds read vulnerability.
Attackers can exploit this issue to crash the application denying service to legitimate users or disclose sensitive information that may aid in further attacks.
GNU Libextractor through 1.7 are vulnerable; other versions may also be affected.
References
GNU Libextractor 'EXTRACTOR_zip_extract_method()' Function Out-of-Bounds Read Vulnerability
References:
References:
- 0005405: Out of Bound Read in zip_extractor.c (GNU)
- Fix #5405 (gnunet.org)
- GNU Homepage (GNU)