CVE search results

51 – 60 of 90 results

Detailed view

Sort by:

CVE-2016-5418

Medium priority

Fixed

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	—

CVE-2016-4809

Low priority

Fixed

The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	—

CVE-2016-4302

Medium priority

Fixed

Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	—

CVE-2016-4301

Medium priority

Not affected

Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	—

CVE-2016-4300

Medium priority

Fixed

Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which...

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	—

CVE-2016-1541

Medium priority

Fixed

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	—

CVE-2016-10350

Low priority

Some fixes available 2 of 5

The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	Not affected

CVE-2016-10349

Low priority

Some fixes available 2 of 5

The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	Not affected

CVE-2016-10209

Low priority

Some fixes available 2 of 5

The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	Not affected

CVE-2015-8934

Medium priority

Fixed

The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.

1 affected package

libarchive

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libarchive	—	—	—	—

Export to JSON

Results by page:

Search CVE reports