Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8931

Опубликовано: 20 сент. 2016
Источник: debian
EPSS Низкий

Описание

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libarchivefixed3.2.0-2package

Примечания

  • https://github.com/libarchive/libarchive/issues/539

  • Fixed by: https://github.com/libarchive/libarchive/commit/b31744df71084a8734f97199e42418f55d08c6c5 (v3.1.900a)

  • Fixed by: https://github.com/libarchive/libarchive/commit/c0c52e9aaafb0860c4151c5374372051e9354301 (v3.1.900a)

EPSS

Процентиль: 53%
0.00299
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-8931

CVSS3: 7.8
ubuntu
почти 9 лет назад

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

redhat логотип

CVE-2015-8931

CVSS3: 3.7
redhat
около 9 лет назад

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

nvd логотип

CVE-2015-8931

CVSS3: 7.8
nvd
почти 9 лет назад

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

github логотип

GHSA-ghcq-m3mh-5p57

CVSS3: 7.8
github
около 3 лет назад

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

suse-cvrf логотип

openSUSE-SU-2016:2036-1

suse-cvrf
около 9 лет назад

Security update for libarchive

EPSS

Процентиль: 53%
0.00299
Низкий