Описание
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
A vulnerability was found in libarchive. An attempt to create an ISO9660 volume with 2GB or 4GB filenames could cause the application to crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libarchive | Not affected | ||
| Red Hat Enterprise Linux 7 | libarchive | Fixed | RHSA-2016:1844 | 12.09.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.9 High
CVSS3
4.3 Medium
CVSS2
Связанные уязвимости
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allo ...
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
EPSS
7.9 High
CVSS3
4.3 Medium
CVSS2