|
|
CVE Reference: CVE-2007-3645 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3645 |
|
|
Description: archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive, which results in a NULL pointer dereference, a different issue than CVE-2007-3644. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35404 SUSE http://www.novell.com/linux/security/advisories/2007_15_sr.html ST 1018379 SAID Secunia Advisory: SA26050 Secunia Advisory: SA26062 Secunia Advisory: SA26355 Secunia Advisory: SA28377 MISC http://security.freebsd.org/patches/SA-07:05/libarchive.patch GENTOO http://security.gentoo.org/glsa/glsa-200708-03.xml FREEBSD http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc DEBIAN http://www.debian.org/security/2008/dsa-1455 CONFIRM http://people.freebsd.org/~kientzle/libarchive/ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924 BID 24885 |
|
| Return to the previous page. |
