Use-after-free vulnerability in lrzip 0.631 allows for remote denial of service or potential impact

Use-after-free vulnerability in lrzip 0.631 allows for remote denial of service or potential impact

CVE-2018-10685 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Learn more about our Web Application Penetration Testing UK.