Описание
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Vendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- PatchVendor AdvisoryBroken Link
- Vendor AdvisoryBroken Link
- Third Party Advisory
- Third Party Advisory
- Broken Link
- Broken Link
- Third Party Advisory
- Broken Link
- Not Applicable
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
The NEEDBITS macro in the inflate_dynamic function in inflate.c for un ...
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
EPSS
9.3 Critical
CVSS2