Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Winrar | Rarlab | 2.90 (including) | 2.90 (including) |
| Winrar | Rarlab | 3.0.0 (including) | 3.0.0 (including) |
| Winrar | Rarlab | 3.10 (including) | 3.10 (including) |
| Winrar | Rarlab | 3.10_beta3 (including) | 3.10_beta3 (including) |
| Winrar | Rarlab | 3.10_beta5 (including) | 3.10_beta5 (including) |
| Winrar | Rarlab | 3.11 (including) | 3.11 (including) |
| Winrar | Rarlab | 3.20 (including) | 3.20 (including) |
| Winrar | Rarlab | 3.40 (including) | 3.40 (including) |
| Winrar | Rarlab | 3.41 (including) | 3.41 (including) |
| Winrar | Rarlab | 3.42 (including) | 3.42 (including) |
| Winrar | Rarlab | 3.50 (including) | 3.50 (including) |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0266.html
- http://secunia.com/advisories/16973/
- http://secunia.com/secunia_research/2005-53/advisory/
- http://www.osvdb.org/19915
- http://www.rarlabs.com/rarnew.htm
- http://www.securityfocus.com/bid/15062
- http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0266.html
- http://secunia.com/advisories/16973/
- http://secunia.com/secunia_research/2005-53/advisory/
- http://www.osvdb.org/19915
- http://www.rarlabs.com/rarnew.htm
- http://www.securityfocus.com/bid/15062