PT-2004-1120 · Unrarj Team · Unarj

Published

2004-11-24

Updated

2023-03-24

CVE-2004-0947

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions unarj versions prior to 2.63a-r2

Description The issue is caused by a buffer overflow in the unarj library, which handles data archiving. This can be exploited by a remote attacker to execute arbitrary code using an arj archive containing files with excessively long filenames.

Recommendations For versions prior to 2.63a-r2, update to version 2.63a-r2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of arj archives with long filenames until the update is applied.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2017-00282

CVE-2004-0947

DSA-652-1

MGASA-2023-0107

Affected Products

Unarj

PT-2004-1120 · Unrarj Team · Unarj

CVE-2004-0947

Weakness Enumeration

Related Identifiers

Affected Products

References · 12