A severe buffer overflow vulnerability has been discovered in the zlib untgz utility, affecting version 1.3.1.2, allowing attackers to trigger memory corruption via maliciously crafted command-line arguments. The vulnerability resides in the TGZfname() function, where an unbounded strcpy() call copies user-supplied archive names directly into a fixed-size global buffer of 1024 bytes without any length […]

The post Critical zlib Flaw Let Attackers Can Trigger a Buffer Overflow via untgz appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/critical-zlib-flaw/