Date: Thu, 22 Jun 2017 14:56:38 +0200 From: Alexander Bergmann <abergmann@...e.com> To: oss-security@...ts.openwall.com Cc: thomasdullien@...gle.com Subject: Re: CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write On Wed, Jun 21, 2017 at 02:20:01PM +0200, Alexander Bergmann wrote: > Hi, > > It was reported that unrar fixed a VMSF_DELTA memory corruption issue in > there latest version unrarsrc-5.5.5.tar.gz. This problem was reported to > Sophos AV in 2012 but never reach upstream rar. > > https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6#maincol > > Reproducer: > > Base64-encoded RAR file to trigger the VMSF_DELTA issue: > > UmFyIRoHAPlOcwAADgAAAAAAAAAAMAh0AAAmAI4AAAAAAAAAAhBBUiEAAAAAHQAGAAAAACBzdGRv > dXQgIVUMzRDNmBGByDAda+AXaSv4KvQr1K/oejL05mXmXmww5tEk8gA9k8nmieyeyeswuOR6cx69 > a2Hd6zQwu3aoMDDwMEswADAAMD4P938w+dydoRFwAmwAAAAAvv////+/////+9W3QFgAAQAGAAAA > Ooimhd12AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > > As far as I can tell no CVE was assigned to this issue so far. Mitre.org assigned CVE-2012-6706 to this issue. Regards, Alex~ -- Alexander Bergmann <abergmann@...e.com>, Security Engineer, GPG:9FFA4886 SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nürnberg) Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ