Lucene search
HistoryJul 25, 2006 - 11:04 p.m.
CVE-2006-3845
cve-2006-3845
winrar
stack-based buffer overflow
lzh.fmt
remote code execution
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.1 High
AI Score
Confidence
High
0.151 Low
EPSS
Percentile
95.9%
Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive.
Affected configurations
Node
rarlabwinrarMatch3.0.0
ORrarlabwinrarMatch3.10
ORrarlabwinrarMatch3.10_beta3
ORrarlabwinrarMatch3.10_beta5
ORrarlabwinrarMatch3.11
ORrarlabwinrarMatch3.20
ORrarlabwinrarMatch3.30
ORrarlabwinrarMatch3.40
ORrarlabwinrarMatch3.41
ORrarlabwinrarMatch3.42
ORrarlabwinrarMatch3.50
ORrarlabwinrarMatch3.51
ORrarlabwinrarMatch3.60_beta1
ORrarlabwinrarMatch3.60_beta2
ORrarlabwinrarMatch3.60_beta3
ORrarlabwinrarMatch3.60_beta4
ORrarlabwinrarMatch3.60_beta5
ORrarlabwinrarMatch3.60_beta6
Related
nessus
nessus
WinRAR LHA Filename Handling Buffer Overflows
2006-07-19 00:00:00
cvelist
cvelist
CVE-2006-3845
2006-07-25 23:00:00
nvd
nvd
CVE-2006-3845
2006-07-25 23:04:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.1 High
AI Score
Confidence
High
0.151 Low
EPSS
Percentile
95.9%
Related for CVE-2006-3845