Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-0211

Опубликовано: 30 сент. 2013
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:x64:*:*
Версия до 3.1.2 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:o:freebsd:freebsd:9.3:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01196
Низкий

5 Medium

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2013-0211

ubuntu
больше 12 лет назад

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.

redhat логотип

CVE-2013-0211

redhat
почти 13 лет назад

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.

debian логотип

CVE-2013-0211

debian
больше 12 лет назад

Integer signedness error in the archive_write_zip_data function in arc ...

github логотип

GHSA-c9hm-r59j-h433

github
почти 4 года назад

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.

suse-cvrf логотип

SUSE-SU-2015:0667-1

suse-cvrf
почти 11 лет назад

Security update for libarchive

EPSS

Процентиль: 79%
0.01196
Низкий

5 Medium

CVSS2

Дефекты

CWE-189