Long Range Zip Project: >> Long Range Zip >> 0.631 Security Vulnerabilities
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-06-26
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-05-08
The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-05-08
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-05-08
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-05-08
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-05-08
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-05-08
Page 2