CVE-2007-0855
published 2007-02-08

Priority: P4 · 30 · medium · 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 3.95% (89.1th percentile)

Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive.

Affected

8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | rar | < rar 1:3.7b1-1 (bookworm) | rar 1:3.7b1-1 (bookworm) |
| debian | unrar-nonfree | < rar 1:3.7b1-1 (bookworm) | rar 1:3.7b1-1 (bookworm) |
| rarlab | rar | >= 0 < 1:3.7b1-1 | 1:3.7b1-1 |
| rarlab | rar | >= 0 < 1:3.7b1-1 | 1:3.7b1-1 |
| rarlab | rar | >= 0 < 1:3.7b1-1 | 1:3.7b1-1 |
| rarlab | rar | >= 0 < 1:3.7b1-1 | 1:3.7b1-1 |
| rarlab | unrar | | |
| rarlab | unrar | | |

CVSS provenance

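| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | | 6.8 | MEDIUM | |
| vendor_debian | | 6.8 | HIGH | |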