Unrated severityNVD Advisory· Published Apr 13, 2012· Updated Apr 29, 2026

CVE-2011-1777

Description

Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_support_format_iso9660.c in libarchive through 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ISO9660 image.

Affected products

FreeBSD/Libarchive18 versions
cpe:2.3:a:freebsd:libarchive:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:freebsd:libarchive:*:*:*:*:*:*:*:*range: <=2.8.5
- cpe:2.3:a:freebsd:libarchive:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:freebsd:libarchive:2.8.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000