RARLAB WinRAR Vulnerability Allows Spoofing and Denial of Service on Linux and UNIX Platforms
CVE-2024-33899

7.1HIGH

Key Information:

Vendor: RARLAB
Status: Winrar
Vendor: CVE Published:; 29 April 2024

What is CVE-2024-33899?

RARLAB WinRAR, prior to version 7.00, is susceptible to security vulnerabilities on Linux and UNIX operating systems. Attackers may exploit ANSI escape sequences to manipulate the screen output, potentially leading to misleading information being displayed to users. Additionally, this vulnerability can be leveraged to induce a denial of service, causing disruptions to normal operations. Users are strongly advised to update to the latest version of WinRAR to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.rarlab.com/rarnew.htm

https://sdushantha.medium.com/ansi-escape-injection-vulne...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 29, 2024

JSON

RARLAB

What is CVE-2024-33899?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.