2 matches found
SUSE CVE-2026-24857
bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor's embedded unrar code has a heap-buffer-overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out-of-bounds write in Unpack::CopyString, leading to a crash under ASAN and...
SUSE CVE-2007-3123
unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service core dump via a crafted RAR file with a modified vmcodesize value, which triggers a heap-based buffer overflow...