Lucene search
HistoryOct 20, 2005 - 10:02 a.m.
CVE-2005-3263
cve
buffer overflow
unacev2.dll
rarlab
winrar
ace archive
remote execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.175 Low
EPSS
Percentile
96.1%
Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name.
Affected configurations
Node
rarlabwinrarMatch2.90
ORrarlabwinrarMatch3.0.0
ORrarlabwinrarMatch3.10
ORrarlabwinrarMatch3.10_beta3
ORrarlabwinrarMatch3.10_beta5
ORrarlabwinrarMatch3.11
ORrarlabwinrarMatch3.20
ORrarlabwinrarMatch3.40
ORrarlabwinrarMatch3.41
ORrarlabwinrarMatch3.42
ORrarlabwinrarMatch3.50
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.5 High
AI Score
Confidence
Low
0.175 Low
EPSS
Percentile
96.1%
Related for CVE-2005-3263