Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 21/12/2005 Updated: 19/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote malicious users to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dec2rar.dll dec2rar.dll 3.2.14.3

NVD-CWE-Other http://www.rem0te.com/public/images/symc2.pdf http://secunia.com/advisories/18131 http://www.kb.cert.org/vuls/id/305272 http://www.securityfocus.com/bid/15971 http://securitytracker.com/id?1015384 http://securityreason.com/securityalert/276 http://www.vupen.com/english/advisories/2005/3003 http://www.securityfocus.com/archive/1/419853/100/0/threaded https://nvd.nist.gov https://www.kb.cert.org/vuls/id/305272

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-4438

Vulnerability Summary

References

Vulmon Search

About

Products

Connect