Vulnerability Details CVE-2016-9888
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 56.8%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/94860
- https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5
- https://lists.debian.org/debian-lts-announce/2020/04/msg00016.html
- https://secunia.com/advisories/71201/
- https://secunia.com/secunia_research/2016-17/
- http://www.securityfocus.com/bid/94860
- https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5
- https://lists.debian.org/debian-lts-announce/2020/04/msg00016.html
- https://secunia.com/advisories/71201/
- https://secunia.com/secunia_research/2016-17/
Products affected by CVE-2016-9888
-
cpe:2.3:a:gnome:libgsf:1.1.0
-
cpe:2.3:a:gnome:libgsf:1.10.0
-
cpe:2.3:a:gnome:libgsf:1.10.1
-
cpe:2.3:a:gnome:libgsf:1.11.0
-
cpe:2.3:a:gnome:libgsf:1.12.0
-
cpe:2.3:a:gnome:libgsf:1.12.1
-
cpe:2.3:a:gnome:libgsf:1.12.2
-
cpe:2.3:a:gnome:libgsf:1.12.3
-
cpe:2.3:a:gnome:libgsf:1.13.0
-
cpe:2.3:a:gnome:libgsf:1.13.1
-
cpe:2.3:a:gnome:libgsf:1.13.2
-
cpe:2.3:a:gnome:libgsf:1.13.3
-
cpe:2.3:a:gnome:libgsf:1.13.99
-
cpe:2.3:a:gnome:libgsf:1.14.0
-
cpe:2.3:a:gnome:libgsf:1.14.1
-
cpe:2.3:a:gnome:libgsf:1.14.10
-
cpe:2.3:a:gnome:libgsf:1.14.11
-
cpe:2.3:a:gnome:libgsf:1.14.12
-
cpe:2.3:a:gnome:libgsf:1.14.13
-
cpe:2.3:a:gnome:libgsf:1.14.14
-
cpe:2.3:a:gnome:libgsf:1.14.15
-
cpe:2.3:a:gnome:libgsf:1.14.16
-
cpe:2.3:a:gnome:libgsf:1.14.17
-
cpe:2.3:a:gnome:libgsf:1.14.18
-
cpe:2.3:a:gnome:libgsf:1.14.19
-
cpe:2.3:a:gnome:libgsf:1.14.2
-
cpe:2.3:a:gnome:libgsf:1.14.20
-
cpe:2.3:a:gnome:libgsf:1.14.21
-
cpe:2.3:a:gnome:libgsf:1.14.22
-
cpe:2.3:a:gnome:libgsf:1.14.23
-
cpe:2.3:a:gnome:libgsf:1.14.24
-
cpe:2.3:a:gnome:libgsf:1.14.25
-
cpe:2.3:a:gnome:libgsf:1.14.26
-
cpe:2.3:a:gnome:libgsf:1.14.27
-
cpe:2.3:a:gnome:libgsf:1.14.28
-
cpe:2.3:a:gnome:libgsf:1.14.29
-
cpe:2.3:a:gnome:libgsf:1.14.3
-
cpe:2.3:a:gnome:libgsf:1.14.30
-
cpe:2.3:a:gnome:libgsf:1.14.31
-
cpe:2.3:a:gnome:libgsf:1.14.32
-
cpe:2.3:a:gnome:libgsf:1.14.33
-
cpe:2.3:a:gnome:libgsf:1.14.34
-
cpe:2.3:a:gnome:libgsf:1.14.35
-
cpe:2.3:a:gnome:libgsf:1.14.36
-
cpe:2.3:a:gnome:libgsf:1.14.37
-
cpe:2.3:a:gnome:libgsf:1.14.38
-
cpe:2.3:a:gnome:libgsf:1.14.39
-
cpe:2.3:a:gnome:libgsf:1.14.4
-
cpe:2.3:a:gnome:libgsf:1.14.40
-
cpe:2.3:a:gnome:libgsf:1.14.5
-
cpe:2.3:a:gnome:libgsf:1.14.6
-
cpe:2.3:a:gnome:libgsf:1.14.7
-
cpe:2.3:a:gnome:libgsf:1.14.8
-
cpe:2.3:a:gnome:libgsf:1.14.9
-
cpe:2.3:a:gnome:libgsf:1.2.0
-
cpe:2.3:a:gnome:libgsf:1.3.0
-
cpe:2.3:a:gnome:libgsf:1.4.0
-
cpe:2.3:a:gnome:libgsf:1.5.0
-
cpe:2.3:a:gnome:libgsf:1.6.0
-
cpe:2.3:a:gnome:libgsf:1.7.2
-
cpe:2.3:a:gnome:libgsf:1.8.0
-
cpe:2.3:a:gnome:libgsf:1.8.1
-
cpe:2.3:a:gnome:libgsf:1.8.2
-
cpe:2.3:a:gnome:libgsf:1.9.0
-
cpe:2.3:a:gnome:libgsf:1.9.1