RARLAB Unrar Password Protected Archives Buffer Overflow Vulnerability

Unrar is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user opening the archive.

This issue affects version 3.60 for Linux and 3.61 for Windows; prior versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus