Buffer Overflow in GNU Tar Affects Multiple Vendors
CVE-2007-4476

Currently unrated

Key Information:

Vendor: Gnu
Status: Tar
Vendor: CVE Published:; 5 September 2007

Summary

A buffer overflow vulnerability has been identified in the safer_name_suffix function of GNU tar, which can be exploited through unspecified attack vectors. This flaw can lead to system instability, potentially causing a crashing stack effect and opening pathways for further attacks. It is crucial for users of GNU tar to review their versions and apply necessary patches to mitigate the risks associated with this vulnerability.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-77-...

vendor-advisoryx_refsource_SUNALERT

http://secunia.com/advisories/27331

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/32051

third-party-advisoryx_refsource_SECUNIA

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 5, 2007
Vulnerability Reserved
Aug 22, 2007