366 matches found
CVE-2017-11190
unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via an RAR archive containing a long filename...
CVE-2017-11189
unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash, which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the sam...
CVE-2017-11189
CVE-2017-11189 affects unrarlib.c in unrar-free 0.0.1, where a NULL pointer dereference can cause a denial of service (crash) if used as library code. Related entries (CVE-2017-14121) describe a NULL pointer dereference in the DecodeNumber function for the same package; several sources link them ...
SUSE SLES11 Security Update : unrar (SUSE-SU-2017:1760-1)
This update for unrar fixes the following issues : - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable h...
SUSE-SU-2017:1760-1 Security update for unrar
This update for unrar fixes the following issues: - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315...
SUSE SLED12 / SLES12 Security Update : unrar (SUSE-SU-2017:1745-1)
This update for unrar fixes the following issues : - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable h...
SUSE-SU-2017:1745-1 Security update for unrar
This update for unrar fixes the following issues: - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315...
unrar 5.40 - VMSF_DELTA Filter Arbitrary Memory Write Exploit
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6 It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons...
Debian DLA-1003-1 : unrar-nonfree security update
It was reported that unrar fixed a VMSFDELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. For Debian 7 'Wheezy', these problems have been fixed in version 1:4.1.4-1+deb7u2. We recommend that you...
[SECURITY] [DLA 1003-1] unrar-nonfree security update
Package : unrar-nonfree Version : 1:4.1.4-1+deb7u2 CVE ID : CVE-2012-6706 Debian Bug : 865461 It was reported that unrar fixed a VMSFDELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. For Debian...
DLA-1003-1 unrar-nonfree - security update
Bulletin has no description...
Sophos Anti-Virus Threat Detection Engine unrar memory corruption vulnerability
Sophos Anti-Virus Threat Detection Engine is a suite of anti-virus engines for a wide range of operating systems from UK-based Sophos that detects and removes viruses, spyware, Trojans and worms in real time, ensuring full network protection for desktops and laptops. unrar is one of the...
CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
DEBIAN-CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
Integer overflow
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
UBUNTU-CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
ALPINE-CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...