CVE Vulnerabilities

CVE-2007-3645

Published: Jul 15, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive, which results in a NULL pointer dereference, a different issue than CVE-2007-3644.

Affected Software

Name Vendor Start Version End Version
Libarchive Freebsd * 2.2.3 (including)
Libarchive Ubuntu dapper *
Libarchive Ubuntu devel *
Libarchive Ubuntu edgy *
Libarchive Ubuntu feisty *
Libarchive Ubuntu gutsy *
Libarchive Ubuntu hardy *
Libarchive Ubuntu intrepid *
Libarchive Ubuntu jaunty *
Libarchive Ubuntu karmic *

References