Lucene search

K
ubuntucveUbuntu.comUB:CVE-2024-33899
HistoryApr 29, 2024 - 12:00 a.m.

CVE-2024-33899

2024-04-2900:00:00
ubuntu.com
ubuntu.com
13
rarlab
winrar
unix
spoofing
vulnerability
ansi escape sequences
denial of service

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

9.0%

RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to
spoof the screen output, or cause a denial of service, via ANSI escape
sequences.

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

9.0%