Unrated severityNVD Advisory· Published Jul 1, 2021· Updated Aug 5, 2024
CVE-2017-20006
CVE-2017-20006
Description
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- UnRAR/UnRARdescription
- Range: 5.6.1.2 – 5.6.1.3
- osv-coords12 versionspkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/unrar&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/unrar&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/unrar&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/unrar&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 5.6.1-4.5.1+ 11 more
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
- (no CPE)range: < 5.6.1-4.5.1
Patches
Vulnerability mechanics
References
3- bugs.chromium.org/p/oss-fuzz/issues/detailmitrex_refsource_MISC
- github.com/aawc/unrar/commit/0ff832d31470471803b175cfff4e40c1b08ee779mitrex_refsource_MISC
- github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2017-104.yamlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.