Mageia: Security Advisory (MGASA-2017-0302)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1763-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1716-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2018:0809-1)

This update for clamav fixes the following issues: Security issues fixed : - CVE-2012-6706: VMSFDELTA filter inside the unrar implementation allows an arbitrary memory write bsc1045315. - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted C...

openSUSE Security Update : unrar (openSUSE-2017-724)

This update for unrar to version 5.5 fixes the following issues : Version 5.5.5 - CVE-2012-6706: fixes VMSFDELTA memory corruption boo1045315 see https://bugs.chromium.org/p/project-zero/issues/detail?i d=1286&can=1&q=unrar&desc=2 Version 5.5.1 - Based on RAR 5.50 beta1 - Added extraction support...

Updated unrar packages fix security vulnerabilities

VMSFDELTA memory corruption CVE-2012-6706. Directory traversal issue in UnRAR before 5.5.7 CVE-2017-12938. libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function CVE-2017-12940. libunrar.a in UnRAR before 5.5.7 has a...

GLSA-201708-05 : RAR and UnRAR: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201708-05 RAR and UnRAR: User-assisted execution of arbitrary code A VMSFDELTA memory corruption was discovered in which an integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the DestPos...

SUSE-SU-2017:1763-1 Security update for clamav

This update for clamav fixes the following issues: Security issue fixed: - CVE-2012-6706: Fixed an arbitrary memory write in VMSFDELTA filter in libclamunrar bsc1045490 Non security issue fixed: - Fix permissions of /var/spool/amavis. bsc815106...

Debian DLA-1003-1 : unrar-nonfree security update

It was reported that unrar fixed a VMSFDELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. For Debian 7 'Wheezy', these problems have been fixed in version 1:4.1.4-1+deb7u2. We recommend that you...

unrar 5.40 - VMSF_DELTA Filter Arbitrary Memory Write Exploit

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6 It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons...

[SECURITY] [DLA 1003-1] unrar-nonfree security update

Package : unrar-nonfree Version : 1:4.1.4-1+deb7u2 CVE ID : CVE-2012-6706 Debian Bug : 865461 It was reported that unrar fixed a VMSFDELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. For Debian...

unrar 5.40 - VMSF_DELTA Filter Arbitrary Memory Write

unrar 5.40 - VMSFDELTA Filter Arbitrary Memory Write Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6 It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons...

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

Integer overflow

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

CVE-2012-6706

CVE-2012-6706 is a VMSF_DELTA memory corruption in unrar <5.5.5 (used in Sophos Anti-Virus Threat Detection Engine

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

CVE-2012-6706

A VMSFDELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the...

Unrar VMSF_DELTA Arbitrary Memory Write Exploit

It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day. VMSFDELTA...

Unrar VMSF_DELTA Arbitrary Memory Write

VMSFDELTA filter in unrar allows arbitrary memory write It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug...