NVD

Id
20000  
Name
CVE-2016-4302  
Description
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2016-09-21  
Modified Date
2016-10-06  
Seq
2016-4302  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
109247 20000 CVE-2016-4302 http://blog.talosintel.com/2016/06/the-poisoned-archives.html  View
109248 20000 CVE-2016-4302 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444  View
109249 20000 CVE-2016-4302 RHSA-2016:1844  View
109250 20000 CVE-2016-4302 http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html  View
109251 20000 CVE-2016-4302 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html  View
109252 20000 CVE-2016-4302 91331  View
109253 20000 CVE-2016-4302 http://www.talosintel.com/reports/TALOS-2016-0154/  View
109254 20000 CVE-2016-4302 https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700  View
109255 20000 CVE-2016-4302 https://github.com/libarchive/libarchive/issues/719  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
11936 JVNDB-2015-007256 libarchive の archive_read_support_format_rar.c の parse_codes 関数におけるヒープベースのバッファオーバーフローの脆弱性 libarchive の archive_read_support_format_rar.c の parse_codes 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2016-4302 90808 CVE-2016-4302 20000 6.8 7.8 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-007256.html 2015-06-20 2016-11-17 View