Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
Name | Vendor | Start Version | End Version |
---|---|---|---|
7-zip | 7-zip | * | 18.03 (including) |
P7zip-rar | Ubuntu | artful | * |
P7zip-rar | Ubuntu | bionic | * |
P7zip-rar | Ubuntu | cosmic | * |
P7zip-rar | Ubuntu | trusty | * |
P7zip-rar | Ubuntu | xenial | * |