CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2015-8933
https://notcve.org/view.php?id=CVE-2015-8933
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file. Desbordamiento de entero en la función archive_read_format_tar_skip en archive_read_support_format_tar.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo tar manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.securityfocus.com/bid/91421 http://www.ubuntu.com/usn/USN-3033-1 https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html https://github.com/libarchive/libarchive/issues/548 https://security.gento • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 2%CPEs: 10EXPL: 1CVE-2015-8932 – libarchive: Undefined behavior / invalid shiftleft in TAR parser
https://notcve.org/view.php?id=CVE-2015-8932
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift. La función compress_bidder_init en archive_read_support_filter_compress.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo tar manipulado, lo que desencadena un desplazamiento a la izquierda no válida. Undefined behavior (invalid left shift) was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://rhn.redhat.com/errata/RHSA-2016-1850.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91424 http://www.ubuntu. • CWE-20: Improper Input Validation CWE-682: Incorrect Calculation •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0CVE-2015-8919 – libarchive: Heap out of bounds read in LHA/LZH parser
https://notcve.org/view.php?id=CVE-2015-8919
The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. La función lha_read_file_extended_header en archive_read_support_format_lha.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos provocar una denegación de servicio (memoria dinámica fuera de rango) a través de un archivo (1) lzh o (2) lha manipulado. A vulnerability was found in libarchive. A specially crafted LZA/LZH file could cause a small out-of-bounds read, potentially disclosing a few bytes of application memory. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91302 http://www.ubuntu.com/usn/USN-3033-1 https://blog.fuzzing-project. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 3%CPEs: 8EXPL: 0CVE-2015-8923 – libarchive: Unclear crashes in ZIP parser
https://notcve.org/view.php?id=CVE-2015-8923
The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file. La función process_extra en libarchive en versiones anteriores a 3.2.0 utiliza el campo de tamaño y un número con signo en un desplazamiento, lo que permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo zip manipulado. A vulnerability was found in libarchive. A specially crafted ZIP file could cause a few bytes of application memory in a 256-byte region to be disclosed. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://www.debian.org/security/2016/dsa-3657 http://www.openwall.com/lists/oss-security/2016/06/17/2 http://www.openwall.com/lists/oss-security/2016/06/17/5 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/91309 http://www.ubuntu.com/usn/USN-3033-1 https://blog.fuzzing-project. • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 17%CPEs: 1EXPL: 0CVE-2016-1541 – libarchive: zip_read_mac_metadata() heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2016-1541
Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive. Desbordamiento de buffer basado en memoria dinámica en la función zip_read_mac_metadata en archive_read_support_format_zip.c en libarchive en versiones anteriores a 3.2.0 permite a atacantes remotos ejecutar código arbitrario a través de valores entry-size manipulados en un archivo ZIP. A vulnerability was found in libarchive. A specially crafted zip file can provide an incorrect compressed size, which may allow an attacker to place arbitrary code on the heap and execute it in the context of the application. • http://lists.opensuse.org/opensuse-updates/2016-06/msg00003.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00090.html http://rhn.redhat.com/errata/RHSA-2016-1844.html http://www.debian.org/security/2016/dsa-3574 http://www.kb.cert.org/vuls/id/862384 http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/89355 http://www.slackware.com&# • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •