#VU8604 Out-of-bounds read in UnRar - CVE-2017-12941

Cybersecurity Help s.r.o.

Published: 2017-09-26

Vulnerability identifier: #VU8604

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-12941

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
UnRar
Client/Desktop applications / Software for archiving

Vendor: RARLAB

Description

The vulnerability allows a remote attacker to crash the affected application.

The vulnerability exists due to out-of-bounds read in libunrar.a in UnRAR before 5.5.7 in the Unpack::Unpack20 function. A remote attacker can create a specially crafted archive and crash the affected application.

Mitigation
Update to version 5.5.7.

Vulnerable software versions

UnRar: 5.5.6

External links
https://seclists.org/oss-sec/2017/q3/290

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in McAfee Web Gateway

Gentoo update for RAR, UnRAR

Multiple vulnerabilities in UnRar