Date: Wed, 21 Jun 2017 14:20:01 +0200 From: Alexander Bergmann <abergmann@...e.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write Hi, It was reported that unrar fixed a VMSF_DELTA memory corruption issue in there latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6#maincol Reproducer: Base64-encoded RAR file to trigger the VMSF_DELTA issue: UmFyIRoHAPlOcwAADgAAAAAAAAAAMAh0AAAmAI4AAAAAAAAAAhBBUiEAAAAAHQAGAAAAACBzdGRv dXQgIVUMzRDNmBGByDAda+AXaSv4KvQr1K/oejL05mXmXmww5tEk8gA9k8nmieyeyeswuOR6cx69 a2Hd6zQwu3aoMDDwMEswADAAMD4P938w+dydoRFwAmwAAAAAvv////+/////+9W3QFgAAQAGAAAA Ooimhd12AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA As far as I can tell no CVE was assigned to this issue so far. Regrads, Alex~ -- Alexander Bergmann <abergmann@...e.com>, Security Engineer, GPG:9FFA4886 SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nürnberg) Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.