366 matches found
CVE-2012-6706
CVE-2012-6706 is a VMSF_DELTA memory corruption in unrar <5.5.5 (used in Sophos Anti-Virus Threat Detection Engine
CVE-2012-6706
A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...
Unrar VMSF_DELTA Arbitrary Memory Write
VMSFDELTA filter in unrar allows arbitrary memory write It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug...
Unrar VMSF_DELTA Arbitrary Memory Write Exploit
It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day. VMSFDELTA...
Symantec Web Gateway Anti-Virus Definition < 20160628.037 Multiple Vulnerabilities (SYM16-010) (credentialed check)
According to its self-reported anti-virus definition version number, the remote web server is hosting a version of Symantec Web Gateway with an anti-virus definition version prior to 20160628.037. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the UnR...
Symantec Messaging Gateway 10.x < 10.6.1-4 Multiple Vulnerabilities (SYM16-010)
According to its self-reported version number, the Symantec Messaging Gateway SMG running on the remote host is 10.x prior to 10.6.1-4. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the UnRAR component in the Unpack::ShortLZ function in unpack15.cpp...
Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption
Source: https://code.google.com/p/google-security-research/issues/detail?id=550 The attached file crashes in CmdExtract::UnstoreFile because the signed int64 DestUnpSize is truncated to an unsigned 32bit integer. Perhaps CmdExtract::ExtractCurrentFile should sanity check Arc.FileHead.UnpSize earl...
Unrar 3.9.3 - Local Stack Overflow Exploit
No description provided by source. !/usr/bin/perl =head1 TITLE Winrar = v3.93 Local Stack-based Overflow exploit =head2 DESCRIPTION This script triggers a buffer overflow attack against Unrar, the linux popular version of WinRar extractor. It was not developped to bypass non-executing stack...
Multiple Vendors - RAR Handling Remote Null Pointer Dereference Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24866/info Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability. A successful attack will result in denial-of-service conditions. Attackers may also be able to exploit this issue to execut...
Unrar 3.9.3 Local Stack Overflow Exploit
Exploit for linux platform in category local exploits !/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-'...
Unrar 3.9.3 Stack Overflow
!/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820; $pname = "/usr/bin/unrar"; die "-File...
Unrar 3.9.3 - Local Stack Overflow
Unrar 3.9.3 - Local Stack Overflow !/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820;...
Unrar 3.9.3 - Local Stack Overflow
!/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820; $pname = "/usr/bin/unrar"; die "-File...
SLES9: Security update for unrar
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unrar For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020379 within the SuSE...
SLES9: Security update for unrar
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unrar For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020379 within the SuSE...
SuSE9 Security Update : unrar (YOU Patch Number 11465)
This update fixes a stack-based buffer overflow in unrar that can be exploited with user-assistance by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
Gentoo Security Advisory GLSA 200702-04 (rar, unrar)
The remote host is missing updates announced in advisory GLSA 200702-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200702-04 (rar, unrar)
The remote host is missing updates announced in advisory GLSA 200702-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: rar
The remote host is missing an update to the system as announced in the referenced advisory. VID 94234e00-be8a-11db-b2ec-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
CVE-2008-1568
comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs...