Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8918

Опубликовано: 20 сент. 2016
Источник: debian
EPSS Низкий

Описание

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libarchivenot-affectedpackage

Примечания

  • Introduced in https://github.com/libarchive/libarchive/commit/cf8e67ffc8a2227b63fc6d3d1569b0214f160f54

  • Fixed by: https://github.com/libarchive/libarchive/commit/b6ba56037f0da44efebfa271cc4b1a736a74c62f

  • https://github.com/libarchive/libarchive/issues/506

EPSS

Процентиль: 85%
0.02569
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-8918

CVSS3: 7.5
ubuntu
больше 9 лет назад

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

redhat логотип

CVE-2015-8918

CVSS3: 3.7
redhat
больше 9 лет назад

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

nvd логотип

CVE-2015-8918

CVSS3: 7.5
nvd
больше 9 лет назад

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

github логотип

GHSA-6qx6-pvc6-fffj

CVSS3: 7.5
github
больше 3 лет назад

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

suse-cvrf логотип

SUSE-SU-2016:1939-1

suse-cvrf
больше 9 лет назад

Security update for bsdtar

EPSS

Процентиль: 85%
0.02569
Низкий