Buffer Overflow Vulnerability in Libarchive Affects Multiple Vendors
CVE-2011-1777

Currently unrated

Key Information:

Vendor: FreeBSD

CVE Published: 13 April 2012

What is CVE-2011-1777?

CVE-2011-1777 covers multiple buffer overflows in libarchive, in the functions heap_add_entry and relocate_dir found in archive_read_support_format_iso9660.c. A remote attacker can trigger these flaws with a crafted ISO9660 image, potentially leading to an application crash or even arbitrary code execution. The vulnerability affects various applications that use libarchive, making it critical for developers and organizations to review their implementations and upgrade to patched versions.
