Search for packages
| purl | pkg:deb/ubuntu/unrar@1:0.0.1-1 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1hu4-5cj9-aaap
Aliases: CVE-2017-12940 |
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. | There are no reported fixed by versions. |
|
VCID-fyqp-bqj9-aaaq
Aliases: CVE-2017-12941 |
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. | There are no reported fixed by versions. |
|
VCID-v4p2-8vhg-aaac
Aliases: CVE-2017-12942 |
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. | There are no reported fixed by versions. |
|
VCID-vxxz-hdyh-aaar
Aliases: CVE-2017-12938 |
UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. | There are no reported fixed by versions. |
|
VCID-z9ce-vj34-aaas
Aliases: CVE-2012-6706 |
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the "DestPos" variable, which allows the attacker to write out of bounds when setting Mem[DestPos]. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|