CVE-2017-11189
 
Public Exploits: 1
Exploited in Wild: -
Descriptions
unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121.
SSVC
- Decision: -
Timeline
- 2017-07-12 CVE Reserved
- 2017-07-12 CVE Published
- 2023-05-22 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
References (1)
URL | Date | SRC |
---|---|---|
https://github.com/0x09AL/my-exploits/tree/master/pocs/unrar-free/dos | 2024-08-05 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Rarzilla | Unrar-free | 0.0.1 | - | Affected |