ClamAV / UnRAR - .RAR Handling Remote Null Pointer Dereference

EDB-ID:

30291




Platform:

Linux

Date:

2007-07-11


source: https://www.securityfocus.com/bid/24866/info

Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability.

A successful attack will result in denial-of-service conditions. Attackers may also be able to exploit this issue to execute arbitrary code, but this has not been confirmed.

This issue affects the following:

ClamAV prior to 0.91
'UnRAR' 3.70; other versions may also be vulnerable.

Other applications using the vulnerabile 'UnRAR' utility are affected by this issue. We will update this BID as more information emerges. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30291.rar