Medium severity6.5NVD Advisory· Published Jul 12, 2017· Updated May 13, 2026

CVE-2017-11189

Description

unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121.

Affected products

Rarzilla/Unrar Free
cpe:2.3:a:rarzilla:unrar-free:0.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/0x09AL/my-exploits/tree/master/pocs/unrar-free/dosnvdExploitThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000