Vulnerabilities > Suse > Linux Enterprise Desktop

DATE CVE VULNERABILITY TITLE RISK
2016-09-20 CVE-2015-8934 Out-of-bounds Read vulnerability in multiple products
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
4.3
2016-09-20 CVE-2015-8933 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
4.3
2016-09-20 CVE-2015-8932 Improper Input Validation vulnerability in multiple products
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
4.3
2016-09-20 CVE-2015-8931 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.
6.8
2016-09-20 CVE-2015-8930 Improper Input Validation vulnerability in multiple products
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.
network
low complexity
suse libarchive canonical CWE-20
5.0
2016-09-20 CVE-2015-8929 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.
4.3
2016-09-20 CVE-2015-8928 Out-of-bounds Read vulnerability in multiple products
The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
4.3
2016-09-20 CVE-2015-8926 NULL Pointer Dereference vulnerability in multiple products
The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.
4.3
2016-09-20 CVE-2015-8925 Out-of-bounds Read vulnerability in multiple products
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.
4.3
2016-07-05 CVE-2016-4957 NULL Pointer Dereference vulnerability in multiple products
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet.
network
low complexity
oracle novell opensuse ntp suse CWE-476
5.0