Debian Linux Security Advisory 3574-1 - Rock Stevens, Andrew Ruef and Marcin 'Icewall' Noga discovered a heap-based buffer overflow vulnerability in the zip_read_mac_metadata function in libarchive, a multi-format archive and compression library, which may lead to the execution of arbitrary code if a user or automated system is tricked into processing a specially crafted ZIP file.
5c7a63f165516bff86da6dfcf9cb9e9abd17ee133b43b69d6f316ed34e7ffb09