Vulnerability in Rarlab Unrar
CVE-2007-0855
Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive.
EPSS: 0.040 (89.1th percentile) — read the EPSS interpretation.
Affected products
- Rarlab Unrar — versions 3.60, 3.61
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_SUSE)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_IDEFENSE, Patch, Vendor Advisory, third-party-advisory)
- cve@mitre.org (Patch, vdb-entry, x_refsource_SECTRACK)