Multiple Vulnerabilities in WinRAR by RARLAB
CVE-2008-7144

Currently unrated

Key Information:

Vendor: Rarlab
Status: Winrar
Vendor: CVE Published:; 1 September 2009

Summary

WinRAR, a popular file compression tool developed by RARLAB, is affected by several unspecified vulnerabilities prior to version 3.71. These vulnerabilities relate to the handling of various archive formats including ACE, ARJ, BZ2, CAB, GZ, LHA, RAR, TAR, and ZIP files. The implications of these vulnerabilities could allow for unforeseen impacts and attack vectors, particularly when handling crafted archives, as highlighted in testing conducted by the OUSPG PROTOS GENOME test suite for Archive Formats.

References

http://secunia.com/advisories/29407

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/43439

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2008/0916/references

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Sep 1, 2009
Vulnerability Reserved
Sep 1, 2009