VYPR

rpm package

suse/libarchive&distro=SUSE Linux Enterprise Desktop 12

pkg:rpm/suse/libarchive&distro=SUSE%20Linux%20Enterprise%20Desktop%2012

Vulnerabilities (3)

  • CVE-2016-1541HigMay 7, 2016
    affected < 3.1.2-12.1fixed 3.1.2-12.1

    Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.

  • CVE-2015-2304Mar 15, 2015
    affected < 3.1.2-9.1fixed 3.1.2-9.1

    Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

  • CVE-2013-0211Sep 30, 2013
    affected < 3.1.2-9.1fixed 3.1.2-9.1

    Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an i