Libextractor Multiple Heap Buffer Overflow Vulnerabilities

Libextractor Multiple Heap Buffer Overflow Vulnerabilities

The libextractor library is affected by multiple buffer-overflow vulnerabilities. The software fails to perform sufficient boundary checks of user-supplied input before copying it to insufficiently sized memory buffers.

An attacker exploits these issues by enticing a vulnerable user to open a malformed file using an application that employs libextractor.

This issue allows attackers to execute arbitrary machine code in the context of applications that use the affected library, aiding them in the remote compromise of affected computers.

Version 0.5.13 of libextractor is vulnerable to these issues; other versions may also be affected.