Title: mcrypt src/extra.c check_file_head() Function Encrypted File Header Handling Overflow
Sep 07, 2012
Sep 06, 2012
mcrypt is prone to an overflow condition. The check_file_head() function of src/extra.c fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted encrypted file header, a context-dependent attacker can potentially execute arbitrary code.
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.