PT-2014-2099 · Jzip · Jzip
Mr_Me
·
Published
2014-06-11
·
Updated
2014-06-12
·
CVE-2010-5300
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Jzip versions 1.3 through 2.0.0.132900
Description
The issue is a stack-based buffer overflow that can be triggered by a long file name in a zip archive, potentially allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Recommendations
For Jzip versions 1.3 through 2.0.0.132900, update to a version that fixes this issue to prevent potential exploitation.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jzip