Description
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
References (6)
Core 6
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-652
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11665
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-007.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18044
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200411-29.xml
Various Sources vendor-advisory
x_refsource_fedora
http://lwn.net/Articles/121827/
Scores
EPSS
0.0675
EPSS Percentile
91.4%
Details
Status
published
Products (8)
arj_software_inc./unarj
2.62
arj_software_inc./unarj
2.63_a
arj_software_inc./unarj
2.64
arj_software_inc./unarj
2.65
gentoo/linux
suse/suse_linux
9.0
suse/suse_linux
9.1
suse/suse_linux
9.2
Published
Feb 09, 2005
Tracked Since
Feb 18, 2026