CVE-2011-1778

medium
Description

Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive.

References

http://code.google.com/p/libarchive/source/detail?r=3160

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

http://secunia.com/advisories/48034

http://support.apple.com/kb/HT5281

http://www.debian.org/security/2012/dsa-2413

https://bugzilla.redhat.com/show_bug.cgi?id=705849

https://rhn.redhat.com/errata/RHSA-2011-1507.html

Details

Source: MITRE

Published: 2012-04-13

Updated: 2018-01-10

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

| ID | Name | Product | Family | Severity |
|----|------|---------|--------|----------|
| 74259 | GLSA-201406-02 : libarchive: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 68396 | Oracle Linux 6 : libarchive (ELSA-2011-1507) | Nessus | Oracle Linux Local Security Checks | medium |
| 6482 | Mac OS X 10.7 < 10.7.4 Multiple Vulnerabilities | Nessus Network Monitor | Generic | critical |
| 59067 | Mac OS X Multiple Vulnerabilities (Security Update 2012-002) (BEAST) | Nessus | MacOS X Local Security Checks | critical |
| 59066 | Mac OS X 10.7.x < 10.7.4 Multiple Vulnerabilities (BEAST) | Nessus | MacOS X Local Security Checks | critical |
| 58043 | Debian DSA-2413-1 : libarchive - buffer overflows | Nessus | Debian Local Security Checks | medium |
| 57341 | Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : libarchive vulnerabilities (USN-1310-1) | Nessus | Ubuntu Local Security Checks | medium |
| 57332 | Mandriva Linux Security Advisory : libarchive (MDVSA-2011:190) | Nessus | Mandriva Local Security Checks | medium |
| 56990 | RHEL 6 : libarchive (RHSA-2011:1507) | Nessus | Red Hat Local Security Checks | medium |