CVE Vulnerabilities

CVE-2004-1254

Published: Jan 10, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.

Affected Software

Name Vendor Start Version End Version
Winrar Rarlab 3.0.0 (including) 3.0.0 (including)
Winrar Rarlab 3.10 (including) 3.10 (including)
Winrar Rarlab 3.10_beta3 (including) 3.10_beta3 (including)
Winrar Rarlab 3.10_beta5 (including) 3.10_beta5 (including)
Winrar Rarlab 3.11 (including) 3.11 (including)
Winrar Rarlab 3.20 (including) 3.20 (including)
Winrar Rarlab 3.40 (including) 3.40 (including)
Winrar Rarlab 3.41 (including) 3.41 (including)

References