Buffer Overflow Vulnerability in RARLAB WinRAR Products
CVE-2005-3263

Currently unrated

Key Information:

Vendor: Rarlab
Status: Winrar
Vendor: CVE Published:; 20 October 2005

Summary

A stack-based buffer overflow vulnerability exists in the UNACEV2.DLL library of RARLAB's WinRAR versions 2.90 through 3.50. This issue enables remote attackers to execute arbitrary code on a victim's system by exploiting specially crafted ACE archives containing files with excessively long filenames. Victims who open these malicious archives using an affected version of WinRAR may inadvertently compromise their systems, leading to unauthorized access and potential data breaches.

References

http://www.securityfocus.com/bid/15062

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

http://www.osvdb.org/19915

vdb-entryx_refsource_OSVDB

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 20, 2005
Vulnerability Reserved
Oct 20, 2005