CVE-2016-4302

Опубликовано: 21 сент. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.

Ссылки

http://blog.talosintel.com/2016/06/the-poisoned-archives.html
Exploit
Third Party Advisory
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2016-1844.html
Third Party Advisory
http://www.debian.org/security/2016/dsa-3657
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91331
Third Party Advisory
VDB Entry
http://www.talosintel.com/reports/TALOS-2016-0154/
Exploit
Third Party Advisory
https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700
Issue Tracking
Patch
https://github.com/libarchive/libarchive/issues/719
Issue Tracking
Patch
https://security.gentoo.org/glsa/201701-03
http://blog.talosintel.com/2016/06/the-poisoned-archives.html
Exploit
Third Party Advisory
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444
Issue Tracking
http://rhn.redhat.com/errata/RHSA-2016-1844.html
Third Party Advisory
http://www.debian.org/security/2016/dsa-3657
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91331
Third Party Advisory
VDB Entry
http://www.talosintel.com/reports/TALOS-2016-0154/
Exploit
Third Party Advisory
https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700
Issue Tracking
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*

Версия до 3.2.0 (включая)

EPSS

Процентиль: 84%

0.02337

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2016-4302

CVSS3: 7.8

ubuntu

почти 9 лет назад

CVE-2016-4302

CVSS3: 7.7

redhat

около 9 лет назад

CVE-2016-4302

CVSS3: 7.8

debian

почти 9 лет назад

Heap-based buffer overflow in the parse_codes function in archive_read ...

GHSA-xxc5-v9q5-vjpj

CVSS3: 7.8

github

около 3 лет назад

openSUSE-SU-2016:2036-1

suse-cvrf

около 9 лет назад

Security update for libarchive

EPSS

Процентиль: 84%

0.02337

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119