Lzo · Liblzo2 · CVE-2014-4607
**Name of the Vulnerable Software and Affected Versions**
liblzo2 versions prior to 2.07
lzo-2 versions prior to 2.07
**Description**
The issue is related to an integer overflow in the LZO algorithm variant. This might allow remote attackers to execute arbitrary code via a crafted Literal Run. The estimated number of potentially affected devices is not specified.
**Recommendations**
For liblzo2 versions prior to 2.07, update to version 2.07 or later.
For lzo-2 versions prior to 2.07, update to version 2.07 or later.
As a temporary workaround, consider restricting access to the LZO algorithm variant until a patch is available.