Lucene search
+L

366 matches found

UbuntuCve
UbuntuCve
added 2008/03/31 10:44 p.m.14 views

CVE-2008-1568

comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs...

7.5CVSS6.1AI score0.02304EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2008/03/31 10:0 p.m.70 views

CVE-2008-1568

Removed by vendor...

7.5CVSS6.7AI score0.02304EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.28 views

SuSE 10 Security Update : unrar (ZYPP Patch Number 2997)

This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

6.8CVSS5.6AI score0.03954EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.27 views

openSUSE 10 Security Update : unrar (unrar-2996)

This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. CVE-2007-0855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

6.8CVSS5.6AI score0.03954EPSS
Exploits0References1
NVD
NVD
added 2007/07/12 4:30 p.m.18 views

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

4.3CVSS6.4AI score0.0213EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2007/07/12 4:30 p.m.24 views

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

4.3CVSS6AI score0.0213EPSS
Exploits0References1
Prion
Prion
added 2007/07/12 4:30 p.m.21 views

Integer overflow

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

4.3CVSS7AI score0.0213EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2007/07/12 4:30 p.m.8 views

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

6.4AI score
Exploits0References6
CVE
CVE
added 2007/07/12 4:0 p.m.60 views

CVE-2007-3726

The CVE-2007-3726 issue is a signedness error in SET_VALUE (rarvm.cpp) in unrar 3.70 beta 3, used in WinRAR and RAR for OS X. A crafted RAR archive can cast a negative signed value to a large unsigned value, causing a denial of service (crash). No patch/version details are provided in the connect...

4.3CVSS6.4AI score0.0213EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/07/12 4:0 p.m.27 views

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

6.4AI score0.0213EPSS
Exploits0References6
exploitpack
exploitpack
added 2007/07/11 12:0 a.m.16 views

ClamAV UnRAR - .RAR Handling Remote Null Pointer Dereference

ClamAV UnRAR - .RAR Handling Remote Null Pointer Dereference source: https://www.securityfocus.com/bid/24866/info Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability. A successful attack will result in denial-of-service conditions. Attackers may also be able to...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2007/07/11 12:0 a.m.25 views

ClamAV / UnRAR - .RAR Handling Remote Null Pointer Dereference

source: https://www.securityfocus.com/bid/24866/info Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability. A successful attack will result in denial-of-service conditions. Attackers may also be able to exploit this issue to execute arbitrary code, but this has not...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.20 views

FreeBSD : rar -- password prompt buffer overflow vulnerability (94234e00-be8a-11db-b2ec-000c6ec775d9)

iDefense reports : Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...

6.8CVSS6.4AI score0.03954EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/02/15 12:0 a.m.21 views

GLSA-200702-04 : RAR, UnRAR: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200702-04 RAR, UnRAR: Buffer overflow RAR and UnRAR contain a boundary error when processing password-protected archives that could result in a stack-based buffer overflow. Impact : A remote attacker could entice a user to process...

6.8CVSS6.1AI score0.03954EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2007/02/13 12:0 a.m.29 views

RAR, UnRAR: Buffer overflow

Background RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files. Description RAR and UnRAR contain a boundary error when processing password-protected archives that could result in a stack-based buffer overflow. Impact A remote attacker could entice a user to...

6.8CVSS7.4AI score0.03954EPSS
Exploits0
Prion
Prion
added 2007/02/08 6:28 p.m.20 views

Stack overflow

Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...

6.8CVSS8.2AI score0.03954EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2007/02/08 6:28 p.m.11 views

CVE-2007-0855

Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...

6.8CVSS7.9AI score0.03954EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2007/02/08 6:28 p.m.30 views

CVE-2007-0855

Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...

6.8CVSS6.3AI score0.03954EPSS
Exploits0References1
OSV
OSV
added 2007/02/08 6:28 p.m.8 views

CVE-2007-0855

Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...

8.2AI score
Exploits0References12
OSV
OSV
added 2007/02/08 6:28 p.m.3 views

DEBIAN-CVE-2007-0855

Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...

6.8CVSS8.4AI score0.03954EPSS
Exploits0References1
Rows per page
Query Builder