gtar -- invalid headers buffer overflow

2006-02-22T00:00:00
ID 6107EFB9-AAE3-11DA-AEA1-000854D03344
Type freebsd
Reporter FreeBSD
Modified 2006-02-22T00:00:00

Description

GNU tar is vulnerable to a buffer overflow, caused by improper bounds checking of the PAX extended headers. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.