FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

unarj -- long filename buffer overflow

Affected packages
unarj < 2.43_2

Details

VuXML ID a163baff-3fe1-11d9-a9e7-0001020eed82
Discovery 2004-11-09
Entry 2004-11-26

Ludwig Nussel has discovered a buffer overflow vulnerability in unarj's handling of long filenames which could potentially lead to execution of arbitrary code with the permissions of the user running unarj.

References

Bugtraq ID 11665
CVE Name CVE-2004-0947

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.