Long Range Zip Project: >> Long Range Zip Security Vulnerabilities
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-05-08
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-05-08
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-05-08
Page 3