Vulnerability in GNU Tar
CVE-2006-0300
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
EPSS: 0.051 (91.2nd percentile).
Affected products
- GNU Tar — versions 1.14, 1.14.1, 1.15