GNU.Libextractor.ZIP.File.Comment.Out.of.Bounds.Read
Description
This indicates an attack attempt to exploit an Out of Bounds Read Vulnerability in GNU Libextractor.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted ZIP file. An attacker can exploit this to disclose arbitrary files on the affected machine via a crafted ZIP file.
Affected Products
GNU Libextractor prior to 1.8
GNU Libextractor prior to 1:1.3-4+deb9u2
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
https://gnunet.org/bugs/view.php?id=5405
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2022-08-15 | 21.373 | Sig Added |
2019-06-06 | 14.627 | Severity:medium:high |
2018-11-13 | 13.489 | Sig Added |
2018-10-31 | 13.482 | Default_action:pass:drop |
2018-09-26 | 13.458 |