CVE-2015-8917

Опубликовано: 20 сент. 2016

Источник: debian

EPSS Низкий

Описание

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libarchive	fixed	3.2.0-2		package

Примечания

https://github.com/libarchive/libarchive/issues/505
Fixed by https://github.com/libarchive/libarchive/commit/b2e2abb

EPSS

Процентиль: 90%

0.05592

Низкий

Связанные уязвимости

CVE-2015-8917

CVSS3: 7.5

ubuntu

почти 9 лет назад

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

CVE-2015-8917

CVSS3: 3.7

redhat

около 9 лет назад

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

CVE-2015-8917

CVSS3: 7.5

nvd

почти 9 лет назад

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

GHSA-p5x4-pp3w-p9wj

CVSS3: 7.5

github

около 3 лет назад

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

ELSA-2016-1844

oracle-oval

почти 9 лет назад

ELSA-2016-1844: libarchive security update (IMPORTANT)

EPSS

Процентиль: 90%

0.05592

Низкий