Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-10-17T23:00:00
Updated: 2018-01-12T22:57:01
Reserved: 2013-06-12T00:00:00
Link: CVE-2013-4397
JSON object: View
NVD Information
Status : Modified
Published: 2013-10-17T23:55:04.580
Modified: 2023-02-13T04:46:51.760
Link: CVE-2013-4397
JSON object: View
Redhat Information
No data.
CWE