ID CVE-2007-1457
Summary Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument.
References
Vulnerable Configurations
  • cpe:2.3:a:christian_scheurer:unrarlib:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:christian_scheurer:urarfilelib:0.4:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 08-03-2011 - 02:52)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 22942
fulldisc 20070313 Unrarlib 0.4.0 (urarlib_get) Local buffer overflow
misc http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup
osvdb 34076
secunia 24472
vupen ADV-2007-0961
Last major update 08-03-2011 - 02:52
Published 14-03-2007 - 18:19
Last modified 08-03-2011 - 02:52