AVG-390 log

Package libzip
Status Fixed
Severity High
Type arbitrary code execution
Affected 1.2.0-1
Fixed 1.3.0-1
Current 1.10.1-1 [extra]
Ticket None
Created Wed Aug 23 18:18:23 2017
Issue Severity Remote Type Description
CVE-2017-12858 High Yes Arbitrary code execution
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to execute arbitrary code via a crafted zip file.
Date Advisory Package Type
07 Nov 2017 ASA-201711-13 libzip arbitrary code execution