CVE Vulnerabilities

CVE-2004-1254

Published: Jan 10, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.

Affected Software

Name Vendor Start Version End Version
Winrar Rarlab 3.0.0 3.0.0
Winrar Rarlab 3.10 3.10
Winrar Rarlab 3.41 3.41
Winrar Rarlab 3.20 3.20
Winrar Rarlab 3.40 3.40
Winrar Rarlab 3.10_beta3 3.10_beta3
Winrar Rarlab 3.10_beta5 3.10_beta5
Winrar Rarlab 3.11 3.11

References