Buffer Overflow Vulnerability in tar Product by GNU
CVE-2006-0300

Currently unrated

Key Information:

Vendor: Gnu
Status: Tar
Vendor: CVE Published:; 24 February 2006

Summary

The vulnerability within the tar utility, versions 1.14 through 1.15.90, allows attackers, with user-assisted means, to trigger a buffer overflow. This overflow can lead to unexpected application crashes and may potentially allow the execution of arbitrary code through exploitation techniques that leverage the PAX extended headers. Users of these versions should consider updating to mitigate risks associated with this vulnerability.

References

http://www.trustix.org/errata/2006/0010

vendor-advisoryx_refsource_TRUSTIX

http://www.securityfocus.com/archive/1/430299/100/0/threaded

vendor-advisoryx_refsource_FEDORA

http://securitytracker.com/id?1015705

vdb-entryx_refsource_SECTRACK

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 24, 2006
Vulnerability Reserved
Jan 18, 2006