Vulnerabilities > Libarchive

DATE	CVE	VULNERABILITY TITLE	RISK
2016-09-20	CVE-2015-8920	Out-of-bounds Read vulnerability in multiple products The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. local low complexity novell canonical libarchive CWE-125	5.5
2016-09-20	CVE-2015-8919	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. network low complexity canonical libarchive novell CWE-119	7.5
2016-09-20	CVE-2015-8918	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy." network low complexity novell libarchive CWE-119	7.5
2016-09-20	CVE-2015-8917	NULL Pointer Dereference vulnerability in multiple products bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file. network low complexity debian libarchive canonical CWE-476	5.0
2016-09-20	CVE-2015-8916	NULL Pointer Dereference vulnerability in multiple products bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file. network canonical debian libarchive CWE-476	4.3
2016-09-20	CVE-2015-8915	Out-of-bounds Read vulnerability in Libarchive bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file. network libarchive CWE-125	4.3
2016-05-07	CVE-2016-1541	Improper Input Validation vulnerability in Libarchive Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive. network libarchive CWE-20	6.8
2013-09-30	CVE-2013-0211	Numeric Errors vulnerability in multiple products Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. network low complexity libarchive canonical opensuse fedoraproject freebsd CWE-189	5.0

Vulnerabilities > Libarchive {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Libarchive"}]}

Vulnerabilities > Libarchive