EUVD-2004-1025

Malware in sbrugna...

MGASA-2023-0107 Updated unarj packages fix security vulnerability

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. CVE-2004-0947 Directory traversal vulnerability in the -x extract command line option in unarj allows remote attackers to overwrite arbitrary files via an ar...

Updated unarj packages fix security vulnerability

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. CVE-2004-0947 Directory traversal vulnerability in the -x extract command line option in unarj allows remote attackers to overwrite arbitrary files via an ar...

SUSE CVE-2004-0947

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames...

The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries

Overview The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting provided by Micco use the old version of Self-Extracting Archives created by UNLHA32.DLL. They contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2018-16189. Eili...

The vulnerability of the unarj library, which provides data archiving, allows attackers to re-record any files they choose.

The vulnerability of the -x command line option for extracting the unarj library, which handles data archiving, is related to deficiencies in path name restrictions. Exploiting this vulnerability allows a malicious actor to overwrite arbitrary files using an arj archive with file names containing...

The vulnerability of the unarj library, which provides data archiving, allows a perpetrator to execute arbitrary code.

The vulnerability of the unarj library, which provides data archiving, arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the arj archive, which contains files with overly long filenames...

Fedora Core 2 : unarj-2.63a-7 (2004-414)

A buffer overflow bug has been discovered in unarj when handling long file names contained in an archive. An attacker could create an archive with a specially crafted path which could cause unarj to crash or execute arbitrary instructions. The Common Vulnerabilities and Exposures project...

SLES9: Security update for unarj

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unarj For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5015411 within the SuSE...

SLES9: Security update for unarj

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: unarj For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5015411 within the SuSE...

SuSE9 Security Update : unarj (YOU Patch Number 9523)

A directory traversal bug was spotted in the unarj program CVE-2004-0947. Additionaly SUSE Security audited unarj and found several buffer overflows which are also fixed by this update. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Gentoo Security Advisory GLSA 200411-29 (unarj)

The remote host is missing updates announced in advisory GLSA 200411-29. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200411-29 (unarj)

The remote host is missing updates announced in advisory GLSA 200411-29. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. VID a163baff-3fe1-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. VID 1f922de0-3fe5-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: unarj

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Debian Security Advisory DSA 652-1 (unarj)

The remote host is missing an update to unarj announced via advisory DSA 652-1. OpenVAS Vulnerability Test $Id: deb6521.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 652-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-652-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MailMarshal UNARJ解压目录遍历漏洞

MailMarshal SMTP是适用于业务网络的邮件安全解决方案。 MailMarshal用于解压.ARJ文档文件的解压例程中存在目录遍历漏洞，远程攻击者可能利用此漏洞在系统的任意位置创建文件。 由于没有对包含有目录遍历字符串（如“../”）的解压文件名执行正确的沙盒限制，攻击者可以通过诱骗用户打开恶意的ARJ文档在任意位置创建文件。 Marshal MailMarshal SMTP 6.0 Marshal MailMarshal SMTP 5.0 Marshal MailMarshal SMTP 2006 Marshal MailMarshal for Exchange 5.0...