Buffer Overflow Vulnerability in WinRAR by RARLABS
CVE-2006-3845

Currently unrated

Key Information:

Vendor

Rarlab

Status
Winrar
Vendor
CVE Published:
25 July 2006

What is CVE-2006-3845?

A stack-based buffer overflow vulnerability exists in the lzh.fmt file processing within WinRAR versions 3.00 to 3.60 beta 6. This flaw can be exploited by remote attackers through the manipulation of long filenames within LHA archives, potentially allowing them to execute arbitrary code on affected systems. Users of vulnerable versions of WinRAR are advised to upgrade to a patched version to mitigate the risks associated with this vulnerability.

References

http://secunia.com/advisories/21080
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/19043
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/27815
vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.