Remote exploitation of a stack based buffer overflow
vulnerability in RARLabs Unrar may allow an attacker to
execute arbitrary code with the privileges of the user
opening the archive.
Unrar is prone to a stack based buffer overflow when
processing specially crafted password protected
archives.
If users are using the vulnerable command line based
unrar, they still need to interact with the program in
order to trigger the vulnerability. They must respond to
the prompt asking for the password, after which the
vulnerability will be triggered. They do not need to enter
a correct password, but they must at least push the enter
key.