CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0211

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 77.9%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2013-0211

Libarchive » Libarchive » Version: 3.1.2

cpe:2.3:a:libarchive:libarchive:3.1.2
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 14.10

cpe:2.3:o:canonical:ubuntu_linux:14.10
Fedoraproject » Fedora » Version: 17

cpe:2.3:o:fedoraproject:fedora:17
Fedoraproject » Fedora » Version: 18

cpe:2.3:o:fedoraproject:fedora:18
Freebsd » Freebsd » Version: 9.3

cpe:2.3:o:freebsd:freebsd:9.3
Opensuse » Opensuse » Version: 13.1

cpe:2.3:o:opensuse:opensuse:13.1
Opensuse » Opensuse » Version: 13.2

cpe:2.3:o:opensuse:opensuse:13.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0211

Products

Pricing

Contact Us