Miembros de
Boletines de Vulnerabilidades |
DSA-2995 lzo2 - security update |
|
Información sobre el sistema |
|
| Software afectado | Debian |
Descripción |
|
|
Don A. Bailey from Lab Mouse Security discovered an integer overflowflaw in the way the lzo library decompressed certain archives compressedwith the LZO algorithm. An attacker could create a specially craftedLZO-compressed input that, when decompressed by an application using thelzo library, would cause that application to crash or, potentially,execute arbitrary code. More info: https://www.debian.org/security/2014/dsa-2995 |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-4607 and DSA-2995. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-08-05 |