ZZipLib ZZip_Open_Shared_IO Stack Buffer Overflow Vulnerability

ZZIPlib is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications using the library. Failed exploit attempts will likely result in a denial-of-service condition.

Versions prior to 0.13.49 are vulnerable.


 

Copyright 2010, SecurityFocus