DSA-2995 lzo2 - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
Don A. Bailey from Lab Mouse Security discovered an integer overflowflaw in the way the lzo library decompressed certain archives compressedwith the LZO algorithm. An attacker could create a specially craftedLZO-compressed input that, when decompressed by an application using thelzo library, would cause that application to crash or, potentially,execute arbitrary code.
More info:
https://www.debian.org/security/2014/dsa-2995 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-4607 and DSA-2995. |