GCVE-VVD-MAGEIA-2017-304 — Vulnetix

GCVE-VVD-MAGEIA-2017-304

Advisory Published

Vulnetix · Advisory published August 24, 2017

Directory traversal issue in UnRAR before 5.5.7 (CVE-2017-12938). libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function (CVE-2017-12940). libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function (CVE-2017-12941). libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function (CVE-2017-12942).

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
Mageia	unrar	0 (affected), 5.50-1.mga6.nonfree (unaffected)	—

Aliases

CVE-2017-12938 CVE-2017-12941 CVE-2017-12940 CVE-2017-12942

Transitive aliases

EUVD-2017-4462 EUVD-2017-4465 VVD-MAGEIA-2017-302 VVD-GENTOO-2017-628194 EUVD-2017-4466 BDU:2017-02010 GHSA-hc8j-qhm9-c5f4 GHSA-6cw7-hrcm-224w BDU:2017-02011 EUVD-2017-4464 BDU:2023-09071 BDU:2017-02009 GHSA-hj36-9f44-43h2 GHSA-7rmv-8xhh-9hgp

References

Updated unrar packages fix security vulnerabilities

advisory

Updated unrar packages fix security vulnerabilities

issue

Updated unrar packages fix security vulnerabilities

issue

Updated unrar packages fix security vulnerabilities

issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON

$ Console Community · 100/wk Open console ›