CVE-2016-5844

Опубликовано: 21 сент. 2016

Источник: debian

EPSS Низкий

Описание

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libarchive	fixed	3.2.1-1		package

Примечания

Upstream ticket: https://github.com/libarchive/libarchive/issues/717
Upstream fix: https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22 (v3.2.1)

EPSS

Процентиль: 85%

0.02481

Низкий

Связанные уязвимости

CVE-2016-5844

CVSS3: 6.5

ubuntu

почти 9 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CVE-2016-5844

CVSS3: 3.7

redhat

около 9 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CVE-2016-5844

CVSS3: 6.5

nvd

почти 9 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

GHSA-x263-jxrf-c484

CVSS3: 6.5

github

около 3 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

openSUSE-SU-2016:3005-1

suse-cvrf

больше 8 лет назад

Security update for libarchive

EPSS

Процентиль: 85%

0.02481

Низкий