2017-10-16 12:31:07 -04:00
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2007-3644" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
2018-04-05 09:33:01 -04:00
"name" : "http://security.freebsd.org/patches/SA-07:05/libarchive.patch" ,
"refsource" : "MISC" ,
2017-10-16 12:31:07 -04:00
"url" : "http://security.freebsd.org/patches/SA-07:05/libarchive.patch"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://people.freebsd.org/~kientzle/libarchive/" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "http://people.freebsd.org/~kientzle/libarchive/"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "DSA-1455" ,
"refsource" : "DEBIAN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.debian.org/security/2008/dsa-1455"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "FreeBSD-SA-07:05" ,
"refsource" : "FREEBSD" ,
2017-10-16 12:31:07 -04:00
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "GLSA-200708-03" ,
"refsource" : "GENTOO" ,
2017-10-16 12:31:07 -04:00
"url" : "http://security.gentoo.org/glsa/glsa-200708-03.xml"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "SUSE-SR:2007:015" ,
"refsource" : "SUSE" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "VU#970849" ,
"refsource" : "CERT-VN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.kb.cert.org/vuls/id/970849"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "24885" ,
"refsource" : "BID" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.securityfocus.com/bid/24885"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "38093" ,
"refsource" : "OSVDB" ,
2017-10-16 12:31:07 -04:00
"url" : "http://osvdb.org/38093"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "38094" ,
"refsource" : "OSVDB" ,
2017-10-16 12:31:07 -04:00
"url" : "http://osvdb.org/38094"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2007-2521" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2007/2521"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "1018379" ,
"refsource" : "SECTRACK" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.securitytracker.com/id?1018379"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "26050" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/26050"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "26062" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/26062"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "26355" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/26355"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "28377" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/28377"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "freebsd-libarchive-pax-dos(35402)" ,
"refsource" : "XF" ,
2017-10-16 12:31:07 -04:00
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35402"
}
]
}
}
