WinRAR Multiple Unspecified Vulnerabilities

Posted on Thursday, March 20, 2008 @ 01:24:08 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA29407

VERIFY ADVISORY: http://secunia.com/advisories/29407/

CRITICAL: Highly critical

IMPACT: DoS, System access

SOFTWARE: WinRAR 3.x - http://secunia.com/product/890/

DESCRIPTION: Some vulnerabilities have been reported in WinRAR, which can potentially be exploited by malicious people to compromise a vulnerable system.

The vulnerabilities are caused due to unspecified errors in the processing of archives and can be exploited to cause heap corruptions and stack-based buffer overflows via specially crafted archives. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 3.71.

SOLUTION: Update to version 3.71.

PROVIDED AND/OR DISCOVERED BY: Oulu University Secure Programming Group

ORIGINAL ADVISORY: http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

OTHER REFERENCES: https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Server TrafficServer Traffic
  • Total: 352,588,358
  • Today: 71,309
Server InfoServer Info
  • Apr 19, 2018
  • 05:51 pm PDT
 
 

Daily Inspiration