CVE Vulnerabilities

CVE-2004-1254

Published: Jan 10, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.

Affected Software

Name Vendor Start Version End Version
Winrar Rarlab 3.0.0 3.0.0
Winrar Rarlab 3.10 3.10
Winrar Rarlab 3.10_beta3 3.10_beta3
Winrar Rarlab 3.10_beta5 3.10_beta5
Winrar Rarlab 3.11 3.11
Winrar Rarlab 3.20 3.20
Winrar Rarlab 3.40 3.40
Winrar Rarlab 3.41 3.41

References