MGASA-2017-0302

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0302.html

Import Source

https://advisories.mageia.org/MGASA-2017-0302.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0302

Related

Published

2017-08-24T21:18:23Z

Modified

2017-08-24T20:37:58Z

Summary

Updated unrar packages fix security vulnerabilities

Details

VMSF_DELTA memory corruption (CVE-2012-6706).

Directory traversal issue in UnRAR before 5.5.7 (CVE-2017-12938).

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function (CVE-2017-12940).

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function (CVE-2017-12941).

libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function (CVE-2017-12942).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2017-0302

Affected packages