Rarzilla: >> Unrar-Free >> 0.0.1 Security Vulnerabilities
unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-07-12
unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-07-12