FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libarchive -- RCE vulnerability

Affected packages
libarchive < 3.2.0,1


VuXML ID 2b4c8e1f-1609-11e6-b55e-b499baebfeaf
Discovery 2016-05-01
Entry 2016-05-09
Modified 2016-05-10

The libarchive project reports:

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.


CVE Name CVE-2016-1541