Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
2006-02-24T00:02:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 5.1 (MEDIUM)
AV:N/AC:H/Au:N/C:P/I:P/A:P
4.9
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gnu | tar | 1.14 | Yes |
| Application | gnu | tar | 1.14.1 | Yes |
| Application | gnu | tar | 1.15 | Yes |
| Application | gnu | tar | 1.15.1 | Yes |
| Application | gnu | tar | 1.15.90 | Yes |