Buffer Overflow Vulnerability in tar Product by GNU
CVE-2006-0300

Currently unrated

Key Information:

Vendor

Gnu
Status
Tar
Vendor
CVE Published:
24 February 2006

What is CVE-2006-0300?

The vulnerability within the tar utility, versions 1.14 through 1.15.90, allows attackers, with user-assisted means, to trigger a buffer overflow. This overflow can lead to unexpected application crashes and may potentially allow the execution of arbitrary code through exploitation techniques that leverage the PAX extended headers. Users of these versions should consider updating to mitigate risks associated with this vulnerability.

References

http://www.trustix.org/errata/2006/0010
vendor-advisoryx_refsource_TRUSTIX
http://www.securityfocus.com/archive/1/430299/100/0/threaded
vendor-advisoryx_refsource_FEDORA
http://securitytracker.com/id?1015705
vdb-entryx_refsource_SECTRACK

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.