Use-After-Free Vulnerabilities in libarchive by the Vendor
CVE-2011-1779

Currently unrated

Key Information:

Vendor: FreeBSD
Status: Libarchive
Vendor: CVE Published:; 13 April 2012

What is CVE-2011-1779?

Multiple use-after-free vulnerabilities exist in libarchive versions 2.8.4 and 2.8.5. These security flaws may allow remote attackers to trigger a denial of service by causing the application to crash through specially crafted TAR archives or ISO9660 image files. Attackers leveraging these vulnerabilities can compromise the application’s integrity and availability, potentially leading to further unspecified impacts.

References

http://code.google.com/p/libarchive/source/detail?r=3038

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=705849

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 13, 2012
Vulnerability Reserved
Apr 19, 2011

FreeBSD

What is CVE-2011-1779?

References

Timeline