Debian Libclamunrar vulnerabilities
4 known vulnerabilities affecting debian/libclamunrar.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2012-6706P2CRITICALCVSS 9.8PoCfixed in libclamunrar 0.99-4 (bookworm)2012
CVE-2012-6706 [CRITICAL] CVE-2012-6706: libclamunrar - A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in ...
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the "DestPos" variable, which allows the attacker to write out of boun
debian
CVE-2023-40477P3HIGHCVSS 7.8fixed in libclamunrar 1.0.3-1~deb12u1 (bookworm)2023
CVE-2023-40477 [HIGH] CVE-2023-40477: libclamunrar - RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Exe...
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla
debian
CVE-2019-1785P3HIGHCVSS 7.8fixed in clamav 0.101.2+dfsg-1 (bookworm)2019
CVE-2019-1785 [HIGH] CVE-2019-1785: clamav - A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV...
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attack
debian
CVE-2019-1798P4MEDIUMCVSS 5.5fixed in clamav 0.101.2+dfsg-1 (bookworm)2019
CVE-2019-1798 [MEDIUM] CVE-2019-1798: clamav - A vulnerability in the Portable Executable (PE) file scanning functionality of C...
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected devi
debian