CVE-2011-0421

Description

The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.

How to fix CVE-2011-0421

To remediate CVE-2011-0421, upgrade the affected package to a fixed version below.

• Debian/libzip—upgrade to 0.10-1 or later

Is CVE-2011-0421 being exploited?

Moderate — EPSS is 8.2%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 0.10-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2011-0421