bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself. Date published : 2016-09-20 http://www.securityfocus.com/bid/91339 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file. Date published : 2016-09-20 http://www.securityfocus.com/bid/91340 https://github.com/libarchive/libarchive/issues/517
The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. Date published : 2016-09-20 http://www.securityfocus.com/bid/91337 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password. Date...
The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. Date published : 2016-09-20 http://www.securityfocus.com/bid/91304 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing. Date published : 2016-09-20 http://www.securityfocus.com/bid/91306...
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file. Date published : 2016-09-20 http://www.securityfocus.com/bid/91308 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file....
The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. Date...
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. Date published : 2016-09-20 http://www.securityfocus.com/bid/91307 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. Date published : 2016-09-20 http://www.securityfocus.com/bid/91301 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. Date published : 2016-09-20 http://www.securityfocus.com/bid/91302...
The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy." Date published : 2016-09-20 http://www.securityfocus.com/bid/91300 https://github.com/libarchive/libarchive/issues/506
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file. Date published : 2016-09-20...