Download
| Alert*
oval:org.secpod.oval:def:600737
Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading is9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that ... oval:org.secpod.oval:def:700711 libarchive: Library to read/write archive files libarchive could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:5799 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to properly handle tar archives and iso9660 files. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:301077 Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges ... oval:org.secpod.oval:def:500025 The libarchive programming library can create and read several different streaming archive formats, including GNU tar and cpio. It can also read ISO 9660 CD-ROM images. Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9 ... oval:org.secpod.oval:def:1503446 Updated libarchive packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:5820 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute ... |