unrar
Page content
- Author: voroskoi
- Vulnerable: 3.6.8-1
- Unaffected: 3.7.3-1siwenna1
A vulnerability has been reported in RARLabs UnRAR, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error when processing password-protected archives using the UnRAR command line utility. This can be exploited to cause a stack-based buffer overflow via a specially crafted password-protected archive. Successful exploitation requires that the user is e.g. tricked into opening a password-protected archive and respond to the password prompt.
- Bug Tracker URL: http://bugs.frugalware.org/task/1710