Unrar
CVE-2017-14122
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
AnalysisAI
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp. Affected products include: Rarlab Unrar, Debian Debian Linux.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) o
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engin
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. Rated critical severity (CV
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. Rated critical severity (CVSS 9.8
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHe
UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a
Out-of-bounds heap write in the RAR5 recovery-volume (.rev) parser of WinRAR, RAR, UnRAR, and unrar.dll (versions before
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathname
The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer derefer
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today