Rarzilla Unrar-Free vulnerabilities

CVE-2017-14122 [CRITICAL] CVE-2017-14122: unrar 0 unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.

CVE-2017-14120 [HIGH] CVE-2017-14120: unrar 0 unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory.

CVE-2017-14121 [MEDIUM] CVE-2017-14121: The DecodeNumber function in unrarlib The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references.

CVE-2017-11190 [HIGH] CWE-119 CVE-2017-11190: unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might allow remote attackers to cau unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename.

CVE-2017-11189 [MEDIUM] CWE-476 CVE-2017-11189: unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL point unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121.