CVE-2011-1777

EPSS 3.0%

libarchive - buffer overflows

Published: 4/13/2012Modified: 4/28/2026

Also known as:DEBIAN-CVE-2011-1777

Description

Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_support_format_iso9660.c in libarchive through 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ISO9660 image.

Affected packages (2)

Debian/libarchivefrom 0, < 2.8.5-5
Debian/libarchivefrom 0, < 2.8.4-1+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1777