CVE-2016-5844

Опубликовано: 24 июн. 2016

Источник: redhat

CVSS3: 3.7

CVSS2: 3.5

Описание

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

Undefined behavior (signed integer overflow) was discovered in libarchive, in the ISO parser. A crafted file could potentially cause denial of service.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-190

https://bugzilla.redhat.com/show_bug.cgi?id=1350280libarchive: undefined behaviour (integer overflow) in iso parser

3.7 Low

CVSS3

3.5 Low

CVSS2

Связанные уязвимости

CVE-2016-5844

CVSS3: 6.5

ubuntu

почти 9 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CVE-2016-5844

CVSS3: 6.5

nvd

почти 9 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CVE-2016-5844

CVSS3: 6.5

debian

почти 9 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows r ...

GHSA-x263-jxrf-c484

CVSS3: 6.5

github

около 3 лет назад

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

openSUSE-SU-2016:3005-1

suse-cvrf

больше 8 лет назад

Security update for libarchive

3.7 Low

CVSS3

3.5 Low

CVSS2