|Max CVSS||6.8||Min CVSS||4.0||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
|19-10-2018 - 15:44||24-02-2006 - 00:02|
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function
|17-10-2018 - 21:46||24-11-2006 - 18:07|
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
|15-10-2018 - 21:33||25-08-2007 - 00:17|
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arb
|10-10-2018 - 19:53||15-03-2010 - 13:28|