diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-26 14:22:52 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-26 14:22:52 +0200 |
commit | f9fc85be7b9373be8df783aacff6b92e4c80f1f2 (patch) | |
tree | 76267bd1716f145f3ad98980d40ff2f6ffcb1bb4 /data/CVE/2017.list | |
parent | 1d1c9d9cc33f76199c48561240bdaf57663d9a2b (diff) |
Update information on old CVE-2017-11189/unrar-free
Diffstat (limited to 'data/CVE/2017.list')
-rw-r--r-- | data/CVE/2017.list | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 1e57790a1e..7136e6cbdf 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -22136,8 +22136,10 @@ CVE-2017-11190 (unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, - unrar-free <unfixed> (unimportant) NOTE: Affected debug code not enabled CVE-2017-11189 (unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a ...) - - unrar-free <unfixed> (unimportant) + - unrar-free 1:0.0.1+cvs20140707-4 (unimportant) NOTE: Crash in CLI tool, no security impact + NOTE: https://github.com/0x09AL/my-exploits/blob/master/pocs/unrar-free/dos/DESCRIPTION + NOTE: Same fix as CVE-2017-14121 and possibly to be considered a duplicate CVE-2017-11187 (phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks t ...) NOT-FOR-US: phpMyFAQ CVE-2017-11186 |