Buffer overflow in the main_get_appheader function in xdelta3-main.h in xdelta3 before 3.0.9 allows remote attackers to execute arbitrary code via a crafted input file.
2016-04-19T21:59:01.100
2025-04-12T10:46:40.837
Deferred
CVSSv3.0: 8.8 (HIGH)
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | canonical | ubuntu_linux | 14.04 | Yes |
| Operating System | canonical | ubuntu_linux | 15.10 | Yes |
| Operating System | debian | debian_linux | 7.0 | Yes |
| Operating System | debian | debian_linux | 8.0 | Yes |
| Application | xdelta | xdelta3 | ≤ 3.0.8 | Yes |
| Operating System | opensuse | opensuse | 13.1 | Yes |
| Operating System | opensuse | opensuse | 13.2 | Yes |