lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.
References
Link | Resource |
---|---|
https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084 | |
https://github.com/ckolivas/lrzip/issues/246 | Exploit Issue Tracking |
https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow | Exploit |
Configurations
History
25 Aug 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Aug 2023, 17:08
Type | Values Removed | Values Added |
---|---|---|
First Time |
Long Range Zip Project long Range Zip
Long Range Zip Project |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-787 | |
References | (MISC) https://github.com/ckolivas/lrzip/issues/246 - Exploit, Issue Tracking | |
References | (MISC) https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow - Exploit | |
CPE | cpe:2.3:a:long_range_zip_project:long_range_zip:0.651:*:*:*:*:*:*:* |
17 Aug 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-17 19:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-39741
Mitre link : CVE-2023-39741
CVE.ORG link : CVE-2023-39741
JSON object : View
Products Affected
long_range_zip_project
- long_range_zip
CWE
CWE-787
Out-of-bounds Write