Описание
WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:winrar:3.41:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.05202
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.
EPSS
Процентиль: 89%
0.05202
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other