Categories: US-Cert-Repository

Vulnerabilities in LZO and LZ4 compression libraries

Original release date: July 21, 2014

Recently disclosed vulnerabilities in the LZO and LZ4 compression libraries could allow remote code execution under certain circumstances. While these libraries are used by a large number of platforms and applications, not all programs may be vulnerable to exploitation. 

US-CERT recommends that all developers who either implement or import the LZO or LZ4 libraries into their software check for susceptibility to CVE-2014-4608, CVE-2014-4715, and CVE-2014-4611.

Users and administrators should apply software security updates as they become available.

This product is provided subject to this Notification and this Privacy & Use policy.

admin

Leave a Comment
Share
Published by
admin
12 years ago

Recent Posts

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team (CERT Polska’s)…

17 hours ago

MyDoom.B Virus

Systems Affected   Any system running Microsoft Windows (Windows 95 and newer) that are used…

1 month ago

Multiple Vulnerabilities in Microsoft Internet Explorer

Systems Affected   Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…

1 month ago

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Systems Affected   Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…

1 month ago

Multiple Vulnerabilities in Microsoft Windows

Systems Affected   Systems running Microsoft Windows   Overview   Microsoft Windows contains multiple vulnerabilities,…

1 month ago

Vulnerability in Microsoft Outlook 2002

Systems Affected   Systems running Microsoft Office XP and Outlook 2002   Overview   There…

1 month ago

This website uses cookies.