Home

CVE-2007-4476

Description

Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a crashing stack.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
11.809

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2007-4476,CVE-2021-20193 are affected in GNU Tar 1.32Windows
(RHSA-2010:0141) Moderate: tar security update tar-1.15.1-23.0.1.el5_4.2.i386.rpmLinux
(RHSA-2010:0141) Moderate: tar security update tar-1.15.1-23.0.1.el5_4.2.x86_64.rpmLinux
(RHSA-2010:0144) Moderate: cpio security update cpio-2.6-23.el5_4.1.i386.rpmLinux
(RHSA-2010:0144) Moderate: cpio security update cpio-2.6-23.el5_4.1.x86_64.rpmLinux
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-4476)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234