CVE-2007-3641 : archive_read_support_format_tar.c in libarchive before 2.2.4 does not properly c

archive_read_support_format_tar.c in libarchive before 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PAX or (2) TAR archive that triggers a buffer overflow.

Published 2007-07-14 00:30:00

Updated 2025-04-09 00:30:58

Source FreeBSD

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Products affected by CVE-2007-3641

Freebsd » Libarchive
Versions up to, including, (<=) 2.2.3
cpe:2.3:a:freebsd:libarchive:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-3641

EPSS FAQ

35.29%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 97 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-3641

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2007-3641

http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/35405

FreeBSD libarchive pax buffer overflow CVE-2007-3641 Vulnerability Report
http://www.vupen.com/english/advisories/2007/2521

Site en construction

CVEs referencing this url
http://www.securitytracker.com/id?1018379

Access Denied

CVEs referencing this url
http://secunia.com/advisories/26050

About Secunia Research | Flexera
Patch;Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/28377

About Secunia Research | Flexera

CVEs referencing this url
http://www.securityfocus.com/bid/24885

Patch

CVEs referencing this url
http://secunia.com/advisories/26355

About Secunia Research | Flexera

CVEs referencing this url
http://secunia.com/advisories/26062

About Secunia Research | Flexera
Patch;Vendor Advisory

CVEs referencing this url
http://people.freebsd.org/~kientzle/libarchive/

libarchive

CVEs referencing this url
http://www.novell.com/linux/security/advisories/2007_15_sr.html

Security - Support | SUSE

CVEs referencing this url
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924

#432924 - [CVE-2007-3641, CVE-2007-3644, CVE-2007-3645] various security bugs - Debian Bug report logs

CVEs referencing this url
http://www.debian.org/security/2008/dsa-1455

[SECURITY] [DSA 1455-1] New libarchive1 packages fix several problems

CVEs referencing this url
http://osvdb.org/38092
http://security.freebsd.org/patches/SA-07:05/libarchive.patch

Patch

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-200708-03.xml

libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities (GLSA 200708-03) — Gentoo security

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2007-3641

Products affected by CVE-2007-3641

Exploit prediction scoring system (EPSS) score for CVE-2007-3641

CVSS scores for CVE-2007-3641

References for CVE-2007-3641