Lucene search
+L

366 matches found

Cvelist
Cvelist
added 2017/07/12 4:0 p.m.18 views

CVE-2017-11190

unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via an RAR archive containing a long filename...

8.4AI score0.01019EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/07/12 4:0 p.m.26 views

CVE-2017-11189

unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash, which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the sam...

6.4AI score0.01315EPSS
Exploits1References1
CVE
CVE
added 2017/07/12 4:0 p.m.74 views

CVE-2017-11189

CVE-2017-11189 affects unrarlib.c in unrar-free 0.0.1, where a NULL pointer dereference can cause a denial of service (crash) if used as library code. Related entries (CVE-2017-14121) describe a NULL pointer dereference in the DecodeNumber function for the same package; several sources link them ...

6.5CVSS6AI score0.01315EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/07/05 12:0 a.m.79 views

SUSE SLES11 Security Update : unrar (SUSE-SU-2017:1760-1)

This update for unrar fixes the following issues : - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable h...

10CVSS8.3AI score0.10027EPSS
Exploits4References4
OSV
OSV
added 2017/07/03 3:17 p.m.6 views

SUSE-SU-2017:1760-1 Security update for unrar

This update for unrar fixes the following issues: - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315...

10CVSS9.7AI score0.10027EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2017/07/03 12:0 a.m.36 views

SUSE SLED12 / SLES12 Security Update : unrar (SUSE-SU-2017:1745-1)

This update for unrar fixes the following issues : - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable h...

10CVSS8.3AI score0.10027EPSS
Exploits4References4
OSV
OSV
added 2017/06/30 1:35 p.m.7 views

SUSE-SU-2017:1745-1 Security update for unrar

This update for unrar fixes the following issues: - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. bsc1045315...

10CVSS9.7AI score0.10027EPSS
Exploits4References3
0day.today
0day.today
added 2017/06/28 12:0 a.m.33 views

unrar 5.40 - VMSF_DELTA Filter Arbitrary Memory Write Exploit

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6 It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/06/28 12:0 a.m.34 views

Debian DLA-1003-1 : unrar-nonfree security update

It was reported that unrar fixed a VMSFDELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. For Debian 7 'Wheezy', these problems have been fixed in version 1:4.1.4-1+deb7u2. We recommend that you...

10CVSS8.2AI score0.10027EPSS
Exploits4References3
Debian
Debian
added 2017/06/27 9:4 a.m.24 views

[SECURITY] [DLA 1003-1] unrar-nonfree security update

Package : unrar-nonfree Version : 1:4.1.4-1+deb7u2 CVE ID : CVE-2012-6706 Debian Bug : 865461 It was reported that unrar fixed a VMSFDELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. For Debian...

10CVSS7.3AI score0.10027EPSS
Exploits4
OSV
OSV
added 2017/06/27 12:0 a.m.26 views

DLA-1003-1 unrar-nonfree - security update

Bulletin has no description...

10CVSS9.4AI score0.10027EPSS
Exploits4
CNVD
CNVD
added 2017/06/26 12:0 a.m.1 views

Sophos Anti-Virus Threat Detection Engine unrar memory corruption vulnerability

Sophos Anti-Virus Threat Detection Engine is a suite of anti-virus engines for a wide range of operating systems from UK-based Sophos that detects and removes viruses, spyware, Trojans and worms in real time, ensuring full network protection for desktops and laptops. unrar is one of the...

10CVSS7.8AI score0.10027EPSS
Exploits4References1
NVD
NVD
added 2017/06/22 1:29 p.m.17 views

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

10CVSS9.9AI score0.10027EPSS
Exploits4References10
OSV
OSV
added 2017/06/22 1:29 p.m.1 views

DEBIAN-CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

9.8CVSS8.2AI score0.10027EPSS
Exploits4References1
UbuntuCve
UbuntuCve
added 2017/06/22 1:29 p.m.28 views

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

10CVSS7.4AI score0.10027EPSS
Exploits4References9
OSV
OSV
added 2017/06/22 1:29 p.m.28 views

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

9.8CVSS8AI score
Exploits0References11
Prion
Prion
added 2017/06/22 1:29 p.m.18 views

Integer overflow

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

10CVSS8.1AI score0.10027EPSS
Exploits4References10Affected Software2
OSV
OSV
added 2017/06/22 1:29 p.m.5 views

UBUNTU-CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

9.8CVSS7.6AI score0.10027EPSS
Exploits4References10
OSV
OSV
added 2017/06/22 1:29 p.m.1 views

ALPINE-CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

9.8CVSS9.3AI score0.10027EPSS
Exploits4References1
Debian CVE
Debian CVE
added 2017/06/22 1:0 p.m.32 views

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

10CVSS10AI score0.10027EPSS
Exploits4
Rows per page
Query Builder