Vulnerabilities > CVE-2017-20006 - Out-of-bounds Write vulnerability in Rarlab Unrar 5.6.1.2/5.6.1.3

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
rarlab
CWE-787
NVD
Published: 2021-07-01
Updated: 2021-07-07

Summary

UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).

Vulnerable Configurations

Part Description Count
Application
Rarlab
2
OS
Linux
1

Common Weakness Enumeration (CWE)

References