CVE-2018-10115
published 2018-05-02

Priority: P1 80 high
CVSS 3.0: 7.8 (AV:L / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H)
Tags: ITW, VulnCheck KEV, Ransomware
Exploited in the wild
EPSS: 4.73% (90.7th percentile)
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.

Affected

2 ranges

Vendor  | Product   | Version range                       | Fixed in
7-zip   | 7-zip     | <= 18.03                            |
debian  | p7zip-rar | < p7zip-rar 16.02-3 (bookworm)      | p7zip-rar 16.02-3 (bookworm)

Detection & IOCs (extracted from sources)

  • Trigger vector is a crafted RAR archive processed by 7-Zip's RAR decoder; any RAR file submitted to 7-Zip ≤18.03 should be treated as potentially malicious in this context.
  • The vulnerability lies in the RAR decoder component specifically; monitor or restrict RAR archive processing in 7-Zip / p7zip builds that include RAR support.
  • Detailed exploitation analysis (uninitialized memory to RCE) is available at the researcher's write-up; useful for building behavioral detections around 7-Zip RAR parsing crashes/exploits.
  • Fedora and EPEL p7zip packages are NOT affected because RAR source code was removed due to license incompatibility with LGPL; no patch needed for those builds.
  • Red Hat Enterprise Linux 8 p7zip is also listed as not affected for the same reason (no RAR support in the package).
  • Only 7-Zip / p7zip builds that include RAR decoder support are vulnerable; verify whether the deployed binary includes RAR support before prioritising remediation.

CVSS provenance

Source        | Version | Score | Severity | Vector
nvd           | v3.0    | 7.8   | HIGH     | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd           | v2.0    | 6.8   | MEDIUM   | AV:N/AC:M/Au:N/C:P/I:P/A:P
osv           |         | 7.8   | HIGH     |
vulncheck     |         | 7.8   | HIGH     |
vendor_debian |         | 7.8   | HIGH     |
vendor_redhat |         | 7.8   | HIGH     |