Errata overview
Errata ID 283
Date 2018-01-31
Source package unrar-nonfree
Fixed in version 1:5.2.7-0.1+deb8u1
This update addresses the following issue:
* A VMSF_DELTA memory corruption was discovered, that can lead to arbitrary
  code execution. An integer overflow can be caused in DataSize+CurChannel.
  The result is a negative value of the "DestPos" variable, which allows the
  attacker to write out of bounds when setting Mem[DestPos]. (CVE-2012-6706)
Additional notes
CVE ID CVE-2012-6706
UCS Bug number #46163