Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-1000878

A use-after-free issue has been found in libarchive >= 3.1.0 and <=3.3.3, in the archive_read_format_rar_read_header() function in archive_read_support_format_rar.c. An attacker can use a specially crafted RAR file to cause the vulnerable function to free the buffer and allocate a new one, causing the ppmd7 decoder to continue reading from and writing to the freed buffer.

Source

Severity High

Remote No

Type Arbitrary code execution

Description

A use-after-free issue has been found in libarchive >= 3.1.0 and <=3.3.3, in the archive_read_format_rar_read_header() function in archive_read_support_format_rar.c. An attacker can use a specially crafted RAR file to cause the vulnerable function to free the buffer and allocate a new one, causing the ppmd7 decoder to continue reading from and writing to the freed buffer.

AVG-837 libarchive 3.3.3-1 3.3.3-2 High Vulnerable

https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
https://github.com/libarchive/libarchive/pull/1105
https://github.com/libarchive/libarchive/commit/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect