CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8931 – libarchive: Undefined behavior (signed integer overflow) in mtree parser
https://notcve.org/view.php?id=CVE-2015-8931
Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior. Múltiples desbordamientos de entero en las funciones (1) get_time_t_max y (2) get_time_t_min en archive_read_support_format_mtree.c en libarchive en versiones anteriores a 3.2.0 permiten a atacantes remotos tener impacto no especificado a través de un archivo mtree manipulado, lo que desencadena un comportamiento no definido. Undefined behavior (signed integer overflow) was discovered in libarchive, in the MTREE parser's calculation of maximum and minimum dates. A crafted mtree file could potentially cause denial of service. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91338 http://www.ubuntu.com/usn/USN-3033-1 https://blog.fuzzing-project. • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2015-8933
https://notcve.org/view.php?id=CVE-2015-8933
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file. Desbordamiento de entero en la función archive_read_format_tar_skip en archive_read_support_format_tar.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo tar manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.securityfocus.com/bid/91421 http://www.ubuntu.com/usn/USN-3033-1 https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html https://github.com/libarchive/libarchive/issues/548 https://security.gento • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 2%CPEs: 10EXPL: 1CVE-2015-8932 – libarchive: Undefined behavior / invalid shiftleft in TAR parser
https://notcve.org/view.php?id=CVE-2015-8932
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift. La función compress_bidder_init en archive_read_support_filter_compress.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo tar manipulado, lo que desencadena un desplazamiento a la izquierda no válida. Undefined behavior (invalid left shift) was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://rhn.redhat.com/errata/RHSA-2016-1850.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91424 http://www.ubuntu. • CWE-20: Improper Input Validation CWE-682: Incorrect Calculation •
CVSS: 5.5EPSS: 1%CPEs: 5EXPL: 0CVE-2015-8808
https://notcve.org/view.php?id=CVE-2015-8808
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file. La función DecodeImage en coders/gif.c en GraphicsMagick 1.3.18 permite a atacantes remotos provocar una denegación de servicio (acceso a memoria no inicializada) a través de un archivo GIF manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177834.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.html http://marc.info/?l=graphicsmagick-commit&m=142283721604323&w=2 http://www.debian.org/security/2016/dsa-3746 http://www.openwall.com/lists/oss-security/2016/02/06/1 http://www.openwall.com/lists/oss-security/2016/02/06/3 http://www.securityfocus.com/bid/83058 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2016-5244
https://notcve.org/view.php?id=CVE-2016-5244
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message. La función rds_inc_info_copy en net/rds/recv.c en el kernel de Linux hasta la versión 4.6.3 no inicializa un cierto miembro de estructura, lo que permite a atacantes remotos obtener información sensible de la memoria de pila del kernel leyendo un mensaje RDS. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html http://lists.opensuse.org • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •