ID CVE-2007-0855
Summary Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive.
References
Vulnerable Configurations
  • cpe:2.3:a:rarlab:unrar:3.60
    cpe:2.3:a:rarlab:unrar:3.60
  • cpe:2.3:a:rarlab:unrar:3.61
    cpe:2.3:a:rarlab:unrar:3.61
CVSS
Base: 6.8 (as of 12-02-2007 - 07:50)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_94234E00BE8A11DBB2EC000C6EC775D9.NASL
    description iDefense reports : Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password protected archives. If users are using the vulnerable command line based unrar, they still need to interact with the program in order to trigger the vulnerability. They must respond to the prompt asking for the password, after which the vulnerability will be triggered. They do not need to enter a correct password, but they must at least push the enter key.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 24366
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24366
    title FreeBSD : rar -- password prompt buffer overflow vulnerability (94234e00-be8a-11db-b2ec-000c6ec775d9)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_UNRAR-2996.NASL
    description This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. (CVE-2007-0855)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27473
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27473
    title openSUSE 10 Security Update : unrar (unrar-2996)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_UNRAR-2997.NASL
    description This update fixes a stack-absed buffer overflow in unrar that can be exploited with user-assistence by sending a password-protected archive. (CVE-2007-0855)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29593
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29593
    title SuSE 10 Security Update : unrar (ZYPP Patch Number 2997)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200702-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-200702-04 (RAR, UnRAR: Buffer overflow) RAR and UnRAR contain a boundary error when processing password-protected archives that could result in a stack-based buffer overflow. Impact : A remote attacker could entice a user to process a specially crafted password-protected archive and execute arbitrary code with the rights of the user uncompressing the archive. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 24353
    published 2007-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24353
    title GLSA-200702-04 : RAR, UnRAR: Buffer overflow
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_11465.NASL
    description This update fixes a stack-based buffer overflow in unrar that can be exploited with user-assistance by sending a password-protected archive. (CVE-2007-0855)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41121
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41121
    title SuSE9 Security Update : unrar (YOU Patch Number 11465)
refmap via4
bid 22447
gentoo GLSA-200702-04
idefense 20070207 RARLabs Unrar Password Prompt Buffer Overflow Vulnerability
osvdb 33124
sectrack 1017593
secunia
  • 24077
  • 24165
suse SUSE-SR:2007:005
vupen ADV-2007-0523
xf unrar-password-archive-bo(32357)
Last major update 07-03-2011 - 21:50
Published 08-02-2007 - 13:28
Last modified 28-07-2017 - 21:30
Back to Top