CVE-2016-6250
HIGH8.6EPSS 2.7%Published: 9/21/2016Modified: 4/28/2026
Description
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
Affected packages (2)
- Alpine/libarchivefrom 0, < 3.2.1-r0
- Debian/libarchivefrom 0, < 3.2.1-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.6 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |