CVE-2016-8688
https://notcve.org/view.php?id=CVE-2016-8688
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c. El licitador mtree en libarchive 3.2.1 no realiza un seguimiento de los tamaños de línea cuando amplía la lectura anticipada, lo que permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo manipulado, lo que desencadena una lectura inválida en la función (1) detect_form o (2) bid_entry en libarchive/archive_read_support_format_mtree.c. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00027.html http://www.openwall.com/lists/oss-security/2016/10/16/11 http://www.securityfocus.com/bid/93781 https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-bid_entry-archive_read_support_format_mtree-c https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdt • CWE-125: Out-of-bounds Read •
CVE-2016-8689
https://notcve.org/view.php?id=CVE-2016-8689
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive. La función read_Header en archive_read_support_format_7zip.c en libarchive 3.2.1 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de múltiples atributos EmptyStream en una cabecera en un archivo 7zip. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00027.html http://www.openwall.com/lists/oss-security/2016/10/16/11 http://www.securityfocus.com/bid/93781 https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c https://bugzilla.redhat.com/show_bug.cgi?id=1377925 https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126 https://lists.debian.org/debian-lts-announce/2018/11/msg00037.ht • CWE-125: Out-of-bounds Read •
CVE-2017-5601
https://notcve.org/view.php?id=CVE-2017-5601
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. Un error en la función lha_read_file_header_1() (archive_read_support_format_lha.c) en libarchive 3.2.2 permite a un atacantes desencadenar un acceso de lectura fuera de límites de la memoria y posteriormente provocar una caída a través de un archivo especialmente manipulado. • http://www.securityfocus.com/bid/95837 http://www.securitytracker.com/id/1037974 https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9 https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html https://secunia.com/secunia_research/2017-3 • CWE-125: Out-of-bounds Read •
CVE-2016-8687
https://notcve.org/view.php?id=CVE-2016-8687
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename. Desbordamiento de búfer basado en pila en la función safe_fprintf en tar/util.c en libarchive 3.2.1 permite a atacantes remotos provocar una denegación de servicio a través de un carácter multibyte manipulado no imprimible en un nombre de archivo. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00027.html http://www.openwall.com/lists/oss-security/2016/10/16/11 http://www.securityfocus.com/bid/93781 http://www.securitytracker.com/id/1037668 https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c https://bugzilla.redhat.com/show_bug.cgi?id=1377926 https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a https://lists.debian.org/debian-lts-a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-4301
https://notcve.org/view.php?id=CVE-2016-4301
Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file. Desbordamiento de búfer basado en pila en la función parse_device en archive_read_support_format_mtree.c en libarchive en versiones anteriores a 3.2.1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo mtree manipulado. • http://blog.talosintel.com/2016/06/the-poisoned-archives.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.securityfocus.com/bid/91328 http://www.talosintel.com/reports/TALOS-2016-0153 https://bugzilla.redhat.com/show_bug.cgi?id=1348441 https://github.com/libarchive/libarchive/commit/a550daeecf6bc689ade371349892ea17b5b97c77 https://github.com/libarchive/libarchive/issues/715 https://security.gentoo.org/glsa/201701-03 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •