diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-26 14:22:52 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-26 14:22:52 +0200 |
commit | a2f5304ad9a7bb08bda91701113f391ebb6806fe (patch) | |
tree | cc910a0e095e3380c9280498799b806b57a741e1 /data/CVE/list.2017 | |
parent | 8da696b703874624553a3269c9de2b65c124f4a8 (diff) |
Update information on old CVE-2017-11189/unrar-free
Diffstat (limited to 'data/CVE/list.2017')
-rw-r--r-- | data/CVE/list.2017 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017 index 1e57790a1e..7136e6cbdf 100644 --- a/data/CVE/list.2017 +++ b/data/CVE/list.2017 @@ -22136,8 +22136,10 @@ CVE-2017-11190 (unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, - unrar-free <unfixed> (unimportant) NOTE: Affected debug code not enabled CVE-2017-11189 (unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a ...) - - unrar-free <unfixed> (unimportant) + - unrar-free 1:0.0.1+cvs20140707-4 (unimportant) NOTE: Crash in CLI tool, no security impact + NOTE: https://github.com/0x09AL/my-exploits/blob/master/pocs/unrar-free/dos/DESCRIPTION + NOTE: Same fix as CVE-2017-14121 and possibly to be considered a duplicate CVE-2017-11187 (phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks t ...) NOT-FOR-US: phpMyFAQ CVE-2017-11186 |