Stack-Based Buffer Overflow in WinRAR Prior to Version 3.60 Beta 8
CVE-2006-3912

Currently unrated

Key Information:

Vendor: Rarlab
Status: Winrar
Vendor: CVE Published:; 28 July 2006

Summary

A stack-based buffer overflow vulnerability exists in the SFX module of WinRAR versions prior to 3.60 beta 8. This critical issue can potentially allow an attacker to execute arbitrary code or crash the application, posing a security risk to users who handle compressed files. Attackers can exploit this flaw using specially crafted archive files, leading to significant security breaches. Users are recommended to update to the latest version of WinRAR to mitigate this threat.

References

http://www.osvdb.org/27031

vdb-entryx_refsource_OSVDB

https://www.exploit-db.com/exploits/1992

exploitx_refsource_EXPLOIT-DB

http://www.rarlabs.com/rarnew.htm

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 28, 2006
Vulnerability Reserved
Jul 27, 2006