CVSS: 7.8EPSS: 93%CPEs: 1EXPL: 26CVE-2018-20250 – WinRAR Absolute Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2018-20250
05 Feb 2019 — In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. En WinRAR, en versiones anteriores a la 5.61, hay una vulnerabilidad de salto de directorio al manipular el campo "filename" del formato ACE (en UNACEV2.dll). Cuando este campo se manipula con patro... • https://packetstorm.news/files/id/152618 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-36: Absolute Path Traversal •
CVSS: 5.5EPSS: 1%CPEs: 1EXPL: 1CVE-2018-20251
https://notcve.org/view.php?id=CVE-2018-20251
05 Feb 2019 — In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. The UNACE module (UNACEV2.dll) creates files and folders as written in the filename field even when WinRAR validator noticed the traversal attempt and requestd to abort the extraction process. the operation is cancelled only after the folders and files were created but prior to them being written, therefore allowing the attacker to create empty files and folders everywher... • http://www.securityfocus.com/bid/106948 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-693: Protection Mechanism Failure •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20252
https://notcve.org/view.php?id=CVE-2018-20252
05 Feb 2019 — In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user. En WinRAR, en versiones anteriores la 5.60 (inclusive), hay una vulnerabilidad de escritura fuera de límites durante el análisis de formatos de archivo ACE y RAR manipulados. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto... • http://www.securityfocus.com/bid/106948 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-14120
https://notcve.org/view.php?id=CVE-2017-14120
03 Sep 2017 — unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory. unrar 0.0.1 (también llamado unrar-free o unrar-gpl) cuenta con una vulnerabilidad de salto de directorio para archivos RAR v2: los nombres de ruta de tipo ../[nombre de archivo] se descomprimen en el directorio superior. • http://www.openwall.com/lists/oss-security/2017/08/20/1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-14121
https://notcve.org/view.php?id=CVE-2017-14121
03 Sep 2017 — The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references. La función DecodeNumber en unrarlib.c en unrar versión 0.0.1 (también conocido como unrar-free o unrar-gpl) sufre un fallo de desviación de puntero NULL provocado por un archivo RAR manipulado. NOTA: esto puede ser lo mismo que uno de los varios casos ... • http://www.openwall.com/lists/oss-security/2017/08/20/1 • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-14122
https://notcve.org/view.php?id=CVE-2017-14122
03 Sep 2017 — unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp. unrar 0.0.1 (también llamado unrar-free o unrar-gpl) cuenta con una sobrelectura de búfer basada en pila en unrarlib.c, relacionado con ExtrFile y stricomp. • http://www.openwall.com/lists/oss-security/2017/08/20/1 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12940 – Gentoo Linux Security Advisory 201709-24
https://notcve.org/view.php?id=CVE-2017-12940
18 Aug 2017 — libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. libunrar.a en UnRAR en versiones anteriores a la 5.5.7 tiene un problema de lectura fuera de los límites de la memoria en la llamada EncodeFileName::Decode en la función Archive::ReadHeader15. Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. Versions less than 5.5.0_p20170811 are affected. • http://seclists.org/oss-sec/2017/q3/290 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12941 – Gentoo Linux Security Advisory 201709-24
https://notcve.org/view.php?id=CVE-2017-12941
18 Aug 2017 — libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. libunrar.a en UnRAR en versiones anteriores a la 5.5.7 tiene un problema de lectura fuera de los límites de la memoria en la función Unpack::Unpack20. Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. Versions less than 5.5.0_p20170811 are affected. • http://seclists.org/oss-sec/2017/q3/290 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12942 – Gentoo Linux Security Advisory 201709-24
https://notcve.org/view.php?id=CVE-2017-12942
18 Aug 2017 — libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. libunrar.a en UnRAR en versiones anteriores a la 5.5.7 tiene un problema de desbordamiento de búfer en la función Unpack::LongLZ. Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. Versions less than 5.5.0_p20170811 are affected. • http://seclists.org/oss-sec/2017/q3/290 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-12938
https://notcve.org/view.php?id=CVE-2017-12938
18 Aug 2017 — UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. UnRAR en versiones anteriores a la 5.5.7 permite a los atacantes remotos evitar los mecanismos de protección ante ataques de tipo Directory Traversal mediante vectores incluyendo un symlink al direction ".", un symlink al directorio ".." y un archivo regular. • http://seclists.org/oss-sec/2017/q3/290 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •