VDB
GCVE-110-MAGEIA-2016-239
GCVE-110-MAGEIA-2016-239
Advisory Published
An out of bounds read in the rar parser: invalid read in function
copy_from_lzss_window() when unpacking malformed rar (CVE-2015-8934).
An exploitable heap overflow vulnerability exists in the 7zip
read_SubStreamsInfo functionality of libarchive. A specially crafted 7zip
file can cause a integer overflow resulting in memory corruption that can
lead to code execution. An attacker can send a malformed file to trigger
this vulnerability (CVE-2016-4300).
An exploitable stack based buffer overflow vulnerability exists in the
mtree parse_device functionality of libarchive. A specially crafted mtree
file can cause a buffer overflow resulting in memory corruption/code
execution. An attacker can send a malformed file to trigger this
vulnerability (CVE-2016-4301).
An exploitable heap overflow vulnerability exists in the Rar decompression
functionality of libarchive. A specially crafted Rar file can cause a heap
corruption eventually leading to code execution. An attacker can send a
malformed file to trigger this vulnerability (CVE-2016-4302).
A signed integer overflow in iso parser: integer overflow when computing
location of volume descriptor (CVE-2016-5844).
The libarchive package has been updated to version 3.2.1, fixing those
issues and other bugs.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | libarchive | 3.2.1-1.mga5 (unaffected), 0 (affected) | — |
Aliases
References
Browse GCVE Records
72,148 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.