CVE-2007-3644

Name of the Vulnerable Software and Affected Versions: libarchive versions prior to 2.2.4

Description: The issue allows user-assisted remote attackers to cause a denial of service, potentially leading to disruption of confidentiality, integrity, and availability of protected information. This can be achieved through an end-of-file condition within a pax extension header or a malformed pax extension header in a PAX or TAR archive. Exploitation of the issue can be done remotely.

Recommendations: For versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of libarchive to minimize the risk of exploitation. Avoid using libarchive to process untrusted archives until the issue is resolved.