RARLAB Unrar Password Protected Archives Buffer Overflow Vulnerability
BID:22447
Info
| Bugtraq ID: | 22447 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-0855 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 07 2007 12:00AM |
| Updated: | Mar 19 2015 09:26AM |
| Credit: | The reporter of this issue wishes to remain anonymous. |
| Vulnerable: | SuSE SUSE Linux Enterprise Server 9; SuSE SUSE Linux Enterprise Server 8; SuSE SUSE Linux Enterprise Server 10; SuSE SUSE Linux Enterprise Desktop 10; SuSE Linux Professional 10.2 x86_64; SuSE Linux Personal 10.2 x86_64; S.u.S.E. UnitedLinux 1.0; S.u.S.E. SuSE Linux Standard Server 8.0; S.u.S.E. SuSE Linux School Server for i386; S.u.S.E. SUSE LINUX Retail Solution 8.0; S.u.S.E. SuSE Linux Openexchange Server 4.0; S.u.S.E. openSUSE 10.2; S.u.S.E. Novell Linux Desktop 9.0; S.u.S.E. Linux Professional 10.0 OSS; S.u.S.E. Linux Professional 9.3 x86_64; S.u.S.E. Linux Professional 9.3; S.u.S.E. Linux Professional 10.2; S.u.S.E. Linux Professional 10.1; S.u.S.E. Linux Personal 10.0 OSS; S.u.S.E. Linux Personal 9.3 x86_64; S.u.S.E. Linux Personal 9.3; S.u.S.E. Linux Personal 10.2; S.u.S.E. Linux Personal 10.1; S.u.S.E. Linux Desktop 10; RARLAB UnRar 3.61; RARLAB UnRar 3.60; Gentoo Linux |
| Not Vulnerable: | RARLAB UnRar 3.70 beta |
Discussion
Unrar is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user opening the archive.
This issue affects version 3.60 for Linux and 3.61 for Windows; prior versions may also be affected.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References