CVE-2015-8921

Опубликовано: 17 июн. 2016

Источник: redhat

CVSS3: 3.7

CVSS2: 3.5

EPSS Низкий

Описание

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

A vulnerability was found in libarchive. A specially crafted mtree file could cause libarchive to read beyond a statically declared structure, potentially disclosing application memory.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-228->CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1348772libarchive: Global out of bounds read in mtree parser

EPSS

Процентиль: 87%

0.0366

Низкий

3.7 Low

CVSS3

3.5 Low

CVSS2

Связанные уязвимости

CVE-2015-8921

CVSS3: 7.5

ubuntu

почти 9 лет назад

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

CVE-2015-8921

CVSS3: 7.5

nvd

почти 9 лет назад

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

CVE-2015-8921

CVSS3: 7.5

debian

почти 9 лет назад

The ae_strtofflags function in archive_entry.c in libarchive before 3. ...

GHSA-qh85-jxmr-j5xp

CVSS3: 7.5

github

около 3 лет назад

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

SUSE-SU-2016:1939-1

suse-cvrf

около 9 лет назад

Security update for bsdtar

EPSS

Процентиль: 87%

0.0366

Низкий

3.7 Low

CVSS3

3.5 Low

CVSS2