CVE-2010-0624

描述

Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.

受影響套件(2)

• Debian/cpiofrom 0, < 2.11-1
• Debian/tarfrom 0, < 1.23-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-0624