14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2016-09-20	CVE-2015-8926	NULL Pointer Dereference vulnerability in multiple products The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. network canonical suse libarchive CWE-476	4.3
2016-09-20	CVE-2015-8925	Out-of-bounds Read vulnerability in multiple products The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing. network canonical libarchive suse CWE-125	4.3
2016-09-20	CVE-2015-8924	Out-of-bounds Read vulnerability in multiple products The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file. local low complexity libarchive novell canonical CWE-125	5.5
2016-09-20	CVE-2015-8923	Improper Input Validation vulnerability in multiple products The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file. network low complexity libarchive novell canonical CWE-20	6.5
2016-09-20	CVE-2015-8922	NULL Pointer Dereference vulnerability in multiple products The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. local low complexity libarchive novell canonical oracle CWE-476	5.5
2016-09-20	CVE-2015-8921	Out-of-bounds Read vulnerability in multiple products The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. network low complexity novell libarchive canonical CWE-125	7.5
2016-09-20	CVE-2015-8920	Out-of-bounds Read vulnerability in multiple products The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. local low complexity novell canonical libarchive CWE-125	5.5
2016-09-20	CVE-2015-8919	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. network low complexity canonical libarchive novell CWE-119	7.5
2016-09-20	CVE-2015-8917	NULL Pointer Dereference vulnerability in multiple products bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file. network low complexity debian libarchive canonical CWE-476	5.0
2016-09-20	CVE-2015-8916	NULL Pointer Dereference vulnerability in multiple products bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file. network canonical debian libarchive CWE-476	4.3