First published: Thu Feb 10 2005(Updated: )
Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
RARLAB WinRAR | =3.0.0 | |
RARLAB WinRAR | =3.10 | |
RARLAB WinRAR | =3.41 | |
RARLAB WinRAR | =3.20 | |
RARLAB WinRAR | =3.42 | |
RARLAB WinRAR | =3.40 | |
RARLAB WinRAR | =3.10_beta3 | |
RARLAB WinRAR | =3.10_beta5 | |
RARLAB WinRAR | =3.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.