Vulnerabilities > Libarchive > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-09-20 CVE-2015-8920 Out-of-bounds Read vulnerability in multiple products
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
local
low complexity
novell canonical libarchive CWE-125
5.5
2016-09-20 CVE-2015-8916 NULL Pointer Dereference vulnerability in multiple products
bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.
network
low complexity
canonical debian libarchive CWE-476
6.5
2016-09-20 CVE-2015-8915 Out-of-bounds Read vulnerability in Libarchive
bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file.
local
low complexity
libarchive CWE-125
5.5