Heap-based buffer overflow in the zipreadmacmetadata function in archivereadsupportformat_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.
[ { "signature_type": "Line", "id": "CVE-2016-1541-7e332515", "source": "https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7", "signature_version": "v1", "target": { "file": "libarchive/archive_read_support_format_zip.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "48426896534176377726048874745336262249", "198984821660040891711746734698485588705", "158675158510671668598239649588821067954", "249672597877898025562469458628542068828", "222471757330240980523396797786448906687", "29955010350394671833858047012515946165", "303420656995630671493261446931615457184", "297704672076321289725493881899609829055", "104521517704438845559865922156800522217", "264493677763335951630672024077811115529", "101830527991593088610028410301859719665", "190139030830714709428610916411975030267" ] }, "deprecated": false }, { "signature_type": "Function", "id": "CVE-2016-1541-e47b4f05", "source": "https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7", "signature_version": "v1", "target": { "function": "zip_read_mac_metadata", "file": "libarchive/archive_read_support_format_zip.c" }, "digest": { "function_hash": "24300103487728401637695827036703653251", "length": 3008.0 }, "deprecated": false } ]