bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2016-09-20T14:00:00
Updated: 2024-08-06T08:36:29.921Z
Reserved: 2016-06-17T00:00:00
Link: CVE-2015-8916
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-09-20T14:15:01.633
Modified: 2018-01-05T02:30:23.900
Link: CVE-2015-8916
Redhat