CVE-2007-4476
published 2007-09-05CVE-2007-4476: Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
high7.5CVSS 3.1
AVNACLAuNCPIPAP
EXPLOIT
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | cpio | < cpio 2.9-5 (bookworm) | cpio 2.9-5 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | tar | < cpio 2.9-5 (bookworm) | cpio 2.9-5 (bookworm) |
| gnu | cpio | >= 0 < 2.9-5 | 2.9-5 |
| gnu | cpio | >= 0 < 2.9-5 | 2.9-5 |
| gnu | cpio | >= 0 < 2.9-5 | 2.9-5 |
| gnu | cpio | >= 0 < 2.9-5 | 2.9-5 |
| gnu | tar | < 1.19 | 1.19 |
| gnu | tar | >= 0 < 1.18-1 | 1.18-1 |
| gnu | tar | >= 0 < 1.18-1 | 1.18-1 |
| gnu | tar | >= 0 < 1.18-1 | 1.18-1 |
| gnu | tar | >= 0 < 1.18-1 | 1.18-1 |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH