Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
[
{
"signature_type": "Function",
"source": "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2016-4302-3903f264",
"digest": {
"length": 6430.0,
"function_hash": "297510741690200676578543826215927548601"
},
"target": {
"file": "libarchive/archive_read_support_format_rar.c",
"function": "parse_codes"
}
},
{
"signature_type": "Line",
"source": "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2016-4302-cd2b8b72",
"digest": {
"line_hashes": [
"246565802277398610842427763265886724405",
"269429852712907734954635047388062957012",
"192885178850317703560125968378055403273"
],
"threshold": 0.9
},
"target": {
"file": "libarchive/archive_read_support_format_rar.c"
}
}
]