[cpio] buffer overflow vulnerability
Bug #163831 reported by
disabled.user
This bug report is a duplicate of:
Bug #161173: [CVE-2007-4476] cpio is affected by this CVE as tar..
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cpio (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: cpio
References:
http://
Quoting:
"A buffer overflow vulnerability in the safer_name_suffix() function in GNU cpio has been discovered.
[...]
A remote attacker could entice a user to open a specially crafted archive file resulting in a stack-based buffer overflow, possibly crashing the application. It is disputed whether the execution of arbitrary code is possible."
CVE References
To post a comment you must log in.