Description
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
Affected products
- arj_software_inc. / unarj2.62 – 2.62
- arj_software_inc. / unarj2.63_a – 2.63_a
- arj_software_inc. / unarj2.64 – 2.64
- arj_software_inc. / unarj2.65 – 2.65
- gentoo / linux
- SUSE / suse_linux9.0 – 9.0
- SUSE / suse_linux9.1 – 9.1
- SUSE / suse_linux9.2 – 9.2
References
- VENDOR_ADVISORYhttp://www.debian.org/security/2005/dsa-652
- MISChttp://www.securityfocus.com/bid/11665
- MISChttp://www.redhat.com/support/errata/RHSA-2005-007.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/18044
- MISChttp://www.gentoo.org/security/en/glsa/glsa-200411-29.xml
- MISChttp://lwn.net/Articles/121827/