366 matches found
CVE-2007-0855
CVE-2007-0855 describes a stack-based buffer overflow in RARLabs UnRAR (as packaged in WinRAR and possibly other products) that can be exploited by a password-protected archive sent to a user; exploitation context is network-accessible with medium attack complexity, no authentication, and require...
CVE-2007-0855
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...
CVE-2007-0855
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive...
RARLabs Unrar口令提示栈溢出漏洞
Unrar是Windows和Linux平台上使用的命令行文档解压程序。 Unrar在处理特制的口令保护文档时存在栈溢出漏洞,远程攻击者可能利用此漏洞控制用户机器。 如果用户受骗打开了恶意压缩文档的话,就可能触发这个漏洞,导致执行任意代码。但如果要利用这个漏洞,必须要求用户与程序交互,用户在响应了要求密码提示后输入密码才可以触发这个漏洞。 RARLAB UnRar 3.61 for Windows RARLAB UnRar 3.60 for Linux 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.rarlabs.com...
iDefense Security Advisory 02.07.07: RARLabs Unrar Password Prompt Buffer Overflow Vulnerability
RARLabs Unrar Password Prompt Buffer Overflow Vulnerability iDefense Security Advisory 02.07.07 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 07, 2007 I. BACKGROUND Unrar is a command line archive extractor for Windows and Linux. For more information visit the vendor's site at the UR...
rar -- password prompt buffer overflow vulnerability
iDefense reports: Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...