Lucene search
+L

366 matches found

CVE
CVE
added 2017/06/22 1:0 p.m.156 views

CVE-2012-6706

CVE-2012-6706 is a VMSF_DELTA memory corruption in unrar <5.5.5 (used in Sophos Anti-Virus Threat Detection Engine

10CVSS9AI score0.10027EPSS
Exploits4References10Affected Software1
Cvelist
Cvelist
added 2017/06/22 1:0 p.m.25 views

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

9.1AI score0.10027EPSS
Exploits4References10
Packet Storm
Packet Storm
added 2017/06/21 12:0 a.m.56 views

Unrar VMSF_DELTA Arbitrary Memory Write

VMSFDELTA filter in unrar allows arbitrary memory write It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug...

0.3AI score
Exploits0
0day.today
0day.today
added 2017/06/21 12:0 a.m.29 views

Unrar VMSF_DELTA Arbitrary Memory Write Exploit

It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day. VMSFDELTA...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/07/12 12:0 a.m.47 views

Symantec Web Gateway Anti-Virus Definition < 20160628.037 Multiple Vulnerabilities (SYM16-010) (credentialed check)

According to its self-reported anti-virus definition version number, the remote web server is hosting a version of Symantec Web Gateway with an anti-virus definition version prior to 20160628.037. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the UnR...

10CVSS8.4AI score0.53402EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2016/06/30 12:0 a.m.54 views

Symantec Messaging Gateway 10.x < 10.6.1-4 Multiple Vulnerabilities (SYM16-010)

According to its self-reported version number, the Symantec Messaging Gateway SMG running on the remote host is 10.x prior to 10.6.1-4. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the UnRAR component in the Unpack::ShortLZ function in unpack15.cpp...

10CVSS8.4AI score0.53402EPSS
Exploits6References9
Exploit DB
Exploit DB
added 2015/12/10 12:0 a.m.26 views

Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption

Source: https://code.google.com/p/google-security-research/issues/detail?id=550 The attached file crashes in CmdExtract::UnstoreFile because the signed int64 DestUnpSize is truncated to an unsigned 32bit integer. Perhaps CmdExtract::ExtractCurrentFile should sanity check Arc.FileHead.UnpSize earl...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Unrar 3.9.3 - Local Stack Overflow Exploit

No description provided by source. !/usr/bin/perl =head1 TITLE Winrar = v3.93 Local Stack-based Overflow exploit =head2 DESCRIPTION This script triggers a buffer overflow attack against Unrar, the linux popular version of WinRar extractor. It was not developped to bypass non-executing stack...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Multiple Vendors - RAR Handling Remote Null Pointer Dereference Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24866/info Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability. A successful attack will result in denial-of-service conditions. Attackers may also be able to exploit this issue to execut...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/08/05 12:0 a.m.25 views

Unrar 3.9.3 Local Stack Overflow Exploit

Exploit for linux platform in category local exploits !/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-'...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2011/08/05 12:0 a.m.22 views

Unrar 3.9.3 Stack Overflow

!/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820; $pname = "/usr/bin/unrar"; die "-File...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2011/08/05 12:0 a.m.13 views

Unrar 3.9.3 - Local Stack Overflow

Unrar 3.9.3 - Local Stack Overflow !/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820;...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2011/08/05 12:0 a.m.37 views

Unrar 3.9.3 - Local Stack Overflow

!/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820; $pname = "/usr/bin/unrar"; die "-File...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.18 views

SLES9: Security update for unrar

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unrar For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020379 within the SuSE...

6.8CVSS6.4AI score0.03954EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.15 views

SLES9: Security update for unrar

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unrar For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020379 within the SuSE...

6.8CVSS6.5AI score0.03954EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.26 views

SuSE9 Security Update : unrar (YOU Patch Number 11465)

This update fixes a stack-based buffer overflow in unrar that can be exploited with user-assistance by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

6.8CVSS5.8AI score0.03954EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.15 views

Gentoo Security Advisory GLSA 200702-04 (rar, unrar)

The remote host is missing updates announced in advisory GLSA 200702-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.03954EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.15 views

Gentoo Security Advisory GLSA 200702-04 (rar, unrar)

The remote host is missing updates announced in advisory GLSA 200702-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

6.8CVSS1AI score0.03954EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.19 views

FreeBSD Ports: rar

The remote host is missing an update to the system as announced in the referenced advisory. VID 94234e00-be8a-11db-b2ec-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

6.8CVSS6.4AI score0.03954EPSS
Exploits0
NVD
NVD
added 2008/03/31 10:44 p.m.10 views

CVE-2008-1568

comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs...

7.5CVSS7.2AI score0.02304EPSS
Exploits0References9
Rows per page
Query Builder