libzip '_zip_name_locate()' NULL Pointer Dereference Denial Of Service Vulnerability

libzip is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference.

A successful exploit requires that the 'ZIPARCHIVE::FL_UNCHANGED' flag is set.

An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Due to the nature of the issue, code execution may be possible; however, it has not been confirmed.

Versions prior to libzip 0.10 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus