Martin Matuska

7 exploits Active since Jan 2017
CVE-2017-5601 WRITEUP HIGH WRITEUP
libarchive 3.2.2 - Out-of-bounds Read in lha_read_file_header_1()
An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.
CVSS 7.5
CVE-2019-11463 WRITEUP MEDIUM WRITEUP
libarchive 3.3.4-dev - Memory Corruption
A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.
CVSS 5.5
CVE-2019-18408 WRITEUP HIGH WRITEUP
libarchive < 3.4.0 - Use-After-Free in RAR Archive Data Reading
archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.
CVSS 7.5
CVE-2019-19221 WRITEUP MEDIUM WRITEUP
Libarchive <3.4.0 - Buffer Overflow
In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.
CVSS 5.5
CVE-2020-21674 WRITEUP MEDIUM WRITEUP
libarchive 3.4.1dev - Heap-Based Buffer Overflow in archive_string_append_from_wcs
Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.
CVSS 6.5
CVE-2021-23177 WRITEUP HIGH WRITEUP
Archive Extractor - Privilege Escalation
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.
CVSS 7.8
CVE-2021-31566 WRITEUP HIGH WRITEUP
libarchive < 3.5.2 - Improper Link Resolution Before File Access
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
CVSS 7.8