suse · CVE-2017-20006

Quick triage

Priority: medium 公開: 2021-07-03 00:28:31 UTC Updated: 2024-07-27 00:40:37 UTC

参照: Official suse advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-20006 severity moderate: SUSE including 4 source package names (libunrar-devel-5.6.1-4.5.1, libunrar5_6_1-5.6.1-4.5.1, unrar, unrar-5.6.1-4.5.1), 20 product×package rows across 19 product lines (SUSE Enterprise Storage 5, SUSE Linux Enterprise Point of Service 11 SP3, … (19 product lines)): Fixed 16, Known Not Affected 4.

Description:

UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).

cvelogic Threat Intelligence