Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of     uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or     execute arbitrary code via a crafted RAR archive. (CVE-2018-10115)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 942fff11-5ac4-11ec-89ea-c85b76ce9b5a advisory.

  - Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of     uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or     execute arbitrary code via a crafted RAR archive. (CVE-2018-10115)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of 7-Zip installed on the remote Windows host contains a flaw in the NArchive::NRar::CHandler::Extract method in Archive/Rar/RarHandler.cpp. The issue is triggered as certain input is not properly validated when performing 'solid' decompression of a RAR archive. With a specially crafted file, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.

ID	Name	Product	Family	Severity
254724	Linux Distros Unpatched Vulnerability : CVE-2018-10115	Nessus	Misc.	high
184464	FreeBSD : p7zip -- usage of uninitialized memory (942fff11-5ac4-11ec-89ea-c85b76ce9b5a)	Nessus	FreeBSD Local Security Checks	high
109730	7-Zip < 18.05 Memory Corruption Arbitrary Code Execution	Nessus	Windows	high

Detections

Analytics

CVE-2018-10115

high

Tenable Plugins

high

high

high