366 matches found
CVE-2008-1568
comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs...
CVE-2008-1568
Removed by vendor...
SuSE 10 Security Update : unrar (ZYPP Patch Number 2997)
This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
openSUSE 10 Security Update : unrar (unrar-2996)
This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
Integer overflow
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
CVE-2007-3726
The CVE-2007-3726 issue is a signedness error in SET_VALUE (rarvm.cpp) in unrar 3.70 beta 3, used in WinRAR and RAR for OS X. A crafted RAR archive can cast a negative signed value to a large unsigned value, causing a denial of service (crash). No patch/version details are provided in the connect...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
ClamAV UnRAR - .RAR Handling Remote Null Pointer Dereference
ClamAV UnRAR - .RAR Handling Remote Null Pointer Dereference source: https://www.securityfocus.com/bid/24866/info Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability. A successful attack will result in denial-of-service conditions. Attackers may also be able to...
ClamAV / UnRAR - .RAR Handling Remote Null Pointer Dereference
source: https://www.securityfocus.com/bid/24866/info Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability. A successful attack will result in denial-of-service conditions. Attackers may also be able to exploit this issue to execute arbitrary code, but this has not...
FreeBSD : rar -- password prompt buffer overflow vulnerability (94234e00-be8a-11db-b2ec-000c6ec775d9)
iDefense reports : Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...
GLSA-200702-04 : RAR, UnRAR: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200702-04 RAR, UnRAR: Buffer overflow RAR and UnRAR contain a boundary error when processing password-protected archives that could result in a stack-based buffer overflow. Impact : A remote attacker could entice a user to process...
RAR, UnRAR: Buffer overflow
Background RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files. Description RAR and UnRAR contain a boundary error when processing password-protected archives that could result in a stack-based buffer overflow. Impact A remote attacker could entice a user to...
Stack overflow
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...
CVE-2007-0855
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...
CVE-2007-0855
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...
CVE-2007-0855
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...
DEBIAN-CVE-2007-0855
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...