Vulnerabilities > CVE-2007-3726 - Unspecified vulnerability in Rarlab Unrar 3.70Beta3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive that causes a negative signed number to be cast to a large unsigned number.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://www.securityfocus.com/archive/1/473376/100/0/threaded
- http://securityreason.com/securityalert/2880
- http://osvdb.org/39603
- http://www.securityfocus.com/archive/1/475155/30/5610/threaded
- http://www.securityfocus.com/archive/1/473373/100/0/threaded
- http://www.securityfocus.com/archive/1/473371/100/0/threaded