Date: Thu, 22 Jun 2017 14:56:38 +0200 From: Alexander Bergmann <abergmann@...e.com> To: oss-security@...ts.openwall.com Cc: thomasdullien@...gle.com Subject: Re: CVE Request: unrar: VMSF_DELTA filter allows arbitrary memory write On Wed, Jun 21, 2017 at 02:20:01PM +0200, Alexander Bergmann wrote: > Hi, > > It was reported that unrar fixed a VMSF_DELTA memory corruption issue in > there latest version unrarsrc-5.5.5.tar.gz. This problem was reported to > Sophos AV in 2012 but never reach upstream rar. > > https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6#maincol > > Reproducer: > > Base64-encoded RAR file to trigger the VMSF_DELTA issue: > > UmFyIRoHAPlOcwAADgAAAAAAAAAAMAh0AAAmAI4AAAAAAAAAAhBBUiEAAAAAHQAGAAAAACBzdGRv > dXQgIVUMzRDNmBGByDAda+AXaSv4KvQr1K/oejL05mXmXmww5tEk8gA9k8nmieyeyeswuOR6cx69 > a2Hd6zQwu3aoMDDwMEswADAAMD4P938w+dydoRFwAmwAAAAAvv////+/////+9W3QFgAAQAGAAAA > Ooimhd12AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > > As far as I can tell no CVE was assigned to this issue so far. Mitre.org assigned CVE-2012-6706 to this issue. Regards, Alex~ -- Alexander Bergmann <abergmann@...e.com>, Security Engineer, GPG:9FFA4886 SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nürnberg) Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.