Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-8920

Опубликовано: 17 июн. 2016
Источник: redhat
CVSS3: 3.7
CVSS2: 3.5

Описание

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

A vulnerability was found in libarchive. A specially crafted AR archive could cause the application to read a single byte of application memory, potentially disclosing it to the attacker.

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-228->CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1348416libarchive: Stack out of bounds read in ar parser

3.7 Low

CVSS3

3.5 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-8920

CVSS3: 5.5
ubuntu
почти 9 лет назад

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

nvd логотип

CVE-2015-8920

CVSS3: 5.5
nvd
почти 9 лет назад

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

debian логотип

CVE-2015-8920

CVSS3: 5.5
debian
почти 9 лет назад

The _ar_read_header function in archive_read_support_format_ar.c in li ...

github логотип

GHSA-f3p9-58ff-r365

CVSS3: 5.5
github
около 3 лет назад

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

suse-cvrf логотип

SUSE-SU-2016:1939-1

suse-cvrf
около 9 лет назад

Security update for bsdtar

3.7 Low

CVSS3

3.5 Low

CVSS2