libarchive: multiple vulnerabilities
| Package(s): | libarchive | CVE #(s): | CVE-2010-4666 CVE-2011-1779 | ||||
| Created: | June 2, 2014 | Updated: | June 4, 2014 | ||||
| Description: | From the CVE entries
Buffer overflow in libarchive 3.0 pre-release code allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CAB file, which is not properly handled during the reading of Huffman code data within LZX compressed data. (CVE-2010-4666) Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image. (CVE-2011-1779) | ||||||
| Alerts: |
| ||||||