Vulnerability Details CVE-2006-5680
The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before 2006-11-08 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive that causes libarchive to skip a region past the actual end of the archive, which triggers an infinite loop that attempts to read more data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/22723
- http://secunia.com/advisories/22801
- http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc
- http://securitytracker.com/id?1017199
- http://www.securityfocus.com/bid/20961
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30137
- http://secunia.com/advisories/22723
- http://secunia.com/advisories/22801
- http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc
- http://securitytracker.com/id?1017199
- http://www.securityfocus.com/bid/20961
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30137