Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Winrar | Rarlab | 3.0.0 (including) | 3.0.0 (including) |
| Winrar | Rarlab | 3.10 (including) | 3.10 (including) |
| Winrar | Rarlab | 3.10_beta3 (including) | 3.10_beta3 (including) |
| Winrar | Rarlab | 3.10_beta5 (including) | 3.10_beta5 (including) |
| Winrar | Rarlab | 3.11 (including) | 3.11 (including) |
| Winrar | Rarlab | 3.20 (including) | 3.20 (including) |
| Winrar | Rarlab | 3.30 (including) | 3.30 (including) |
| Winrar | Rarlab | 3.40 (including) | 3.40 (including) |
| Winrar | Rarlab | 3.41 (including) | 3.41 (including) |
| Winrar | Rarlab | 3.42 (including) | 3.42 (including) |
| Winrar | Rarlab | 3.50 (including) | 3.50 (including) |
| Winrar | Rarlab | 3.51 (including) | 3.51 (including) |
| Winrar | Rarlab | 3.60_beta1 (including) | 3.60_beta1 (including) |
| Winrar | Rarlab | 3.60_beta2 (including) | 3.60_beta2 (including) |
| Winrar | Rarlab | 3.60_beta3 (including) | 3.60_beta3 (including) |
| Winrar | Rarlab | 3.60_beta4 (including) | 3.60_beta4 (including) |
| Winrar | Rarlab | 3.60_beta5 (including) | 3.60_beta5 (including) |
| Winrar | Rarlab | 3.60_beta6 (including) | 3.60_beta6 (including) |
References
- http://hustlelabs.com/advisories/04072006_rarlabs.pdf
- http://secunia.com/advisories/21080
- http://www.rarlabs.com/rarnew.htm
- http://www.securityfocus.com/bid/19043
- http://www.vupen.com/english/advisories/2006/2867
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27815
- http://hustlelabs.com/advisories/04072006_rarlabs.pdf
- http://secunia.com/advisories/21080
- http://www.rarlabs.com/rarnew.htm
- http://www.securityfocus.com/bid/19043
- http://www.vupen.com/english/advisories/2006/2867
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27815