Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2016-09-20	CVE-2015-8924	Out-of-bounds Read vulnerability in multiple products The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file. local low complexity libarchive novell canonical CWE-125	5.5
2016-09-20	CVE-2015-8923	Improper Input Validation vulnerability in multiple products The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file. network low complexity libarchive novell canonical CWE-20	6.5
2016-09-20	CVE-2015-8922	NULL Pointer Dereference vulnerability in multiple products The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. local low complexity libarchive novell canonical oracle CWE-476	5.5
2016-09-20	CVE-2015-8921	Out-of-bounds Read vulnerability in multiple products The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. network low complexity novell libarchive canonical CWE-125	7.5
2016-09-20	CVE-2015-8920	Out-of-bounds Read vulnerability in multiple products The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. local low complexity novell canonical libarchive CWE-125	5.5
2016-09-20	CVE-2015-8919	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. network low complexity canonical libarchive novell CWE-119	7.5
2016-09-20	CVE-2015-8917	NULL Pointer Dereference vulnerability in multiple products bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file. network low complexity debian libarchive canonical CWE-476	5.0
2016-09-20	CVE-2015-8916	NULL Pointer Dereference vulnerability in multiple products bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file. network canonical debian libarchive CWE-476	4.3
2016-09-07	CVE-2016-6262	Out-of-bounds Read vulnerability in multiple products idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948. network low complexity gnu canonical opensuse CWE-125	7.5
2016-09-07	CVE-2016-6261	Out-of-bounds Read vulnerability in multiple products The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input. network low complexity opensuse gnu canonical CWE-125	7.5