lzo
Page content
- Author: kikadf
- Vulnerable: 2.0.6-1
- Unaffected: 2.0.6-1arcturus1
Don A. Bailey from Lab Mouse Security discovered an integer overflow flaw in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.