unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2017/08/20/1 | Mailing List Third Party Advisory |
https://bugs.debian.org/874060 | Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00026.html | Mailing List Third Party Advisory |
Configurations
History
25 Feb 2021, 17:17
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/02/msg00026.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 6.4
v3 : 9.1 |
19 Feb 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2017-09-03 20:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-14122
Mitre link : CVE-2017-14122
CVE.ORG link : CVE-2017-14122
JSON object : View
Products Affected
debian
- debian_linux
rarlab
- unrar
CWE
CWE-125
Out-of-bounds Read