- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200708-03 (libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities)
CPNI, CERT-FI, Tim Kientzle, and Colin Percival reported a buffer overflow (CVE-2007-3641), an infinite loop (CVE-2007-3644), and a NULL pointer dereference (CVE-2007-3645) within the processing of archives having corrupted PaX extension headers.
Impact :
An attacker can trick a user or automated system to process an archive with malformed PaX extension headers into execute arbitrary code, crash an application using the library, or cause a high CPU load.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top