CVE-2006-3845

2006-07-2523:00:00

mitre

www.cve.org

8.1 High

AI Score

Confidence

High

0.151 Low

EPSS

Percentile

95.9%

JSON

Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive.

References

hustlelabs.com/advisories/04072006_rarlabs.pdf

secunia.com/advisories/21080

www.rarlabs.com/rarnew.htm

www.securityfocus.com/bid/19043

www.vupen.com/english/advisories/2006/2867

exchange.xforce.ibmcloud.com/vulnerabilities/27815