
CVE-2018-12418: Junrar vulnerable to Infinite Loop

CVSS Score: 5.5 (CVSS 3.0)

Basic Information

EPSS Score: 0.60736%
Published: 10/17/2018
Updated: 1/12/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Package Name: com.github.junrar:junrar
Ecosystem: maven
Vulnerable Versions: < 1.0.1
First Patched Version: 1.0.1

Vulnerability Intelligence

Miggo AI: Root Cause Analysis

The vulnerability stems from the readHeaders method's loop structure. Key indicators:

  1. Pre-patch code used while(true) without tracking processed file positions, allowing infinite re-processing of corrupted position markers.
  2. Header size allocations used 'new byte[toRead]' without validation, enabling potential negative or excessively large allocations that could subvert loop exit logic.
  3. The patch introduced: a) A position tracking Set to detect cycles, b) A MAX_HEADER_SIZE constant, c) A safelyAllocate method to validate buffer sizes - all addressing the infinite loop vector.
  4. CWE-835 directly maps to the loop's pre-patch inability to guarantee exit conditions when processing malicious inputs.
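The two guards described in item 3, as an added sketch that is not junrar's code: it walks a constructed toy header chain (not the RAR format), tracks visited positions in a Set, and validates sizes before allocating. The names MAX_HEADER_SIZE and safelyAllocate come from the analysis above; their value, signature and the class name BoundedHeaderReader are assumptions.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.HashSet;
import java.util.Set;

public class BoundedHeaderReader {
    // Name from the advisory; the 20 MiB value is an assumption for this sketch.
    static final int MAX_HEADER_SIZE = 20 * 1024 * 1024;

    // Rejects negative or oversized lengths before any allocation happens.
    static byte[] safelyAllocate(long len, int maxSize) throws IOException {
        if (len < 0 || len > maxSize) {
            throw new IOException("bad header size: " + len);
        }
        return new byte[(int) len];
    }

    // Toy layout (constructed): [int bodySize][int nextPos][body]; nextPos < 0 ends the chain.
    static int readHeaders(ByteBuffer file) throws IOException {
        Set<Integer> processedPositions = new HashSet<>();
        int count = 0;
        for (int pos = 0; pos >= 0; count++) {
            // Cycle guard: add() returns false when this position was already parsed.
            if (!processedPositions.add(pos)) {
                throw new IOException("header position " + pos + " seen twice");
            }
            if (pos > file.limit() - 8) {
                throw new IOException("truncated header at " + pos);
            }
            byte[] body = safelyAllocate(file.getInt(pos), MAX_HEADER_SIZE);
            if (body.length > file.limit() - pos - 8) {
                throw new IOException("header body overruns file at " + pos);
            }
            ByteBuffer view = file.duplicate();
            view.position(pos + 8);
            view.get(body);
            pos = file.getInt(pos + 4); // attacker-controlled next position
        }
        return count;
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: two empty headers; the second points back to the first.
        ByteBuffer file = ByteBuffer.allocate(16).putInt(4, 8).putInt(12, 0);
        try {
            readHeaders(file);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        file.putInt(12, -1); // repair the chain so it terminates
        System.out.println("headers read: " + readHeaders(file));
    }
}
```

Without the Set check, the first input would keep the loop alternating between positions 0 and 8 indefinitely, which is the CWE-835 condition named above.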


WAF Protection Rules

WAF Rule

Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files.
