Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2019/02/27 12:0 a.m.1176 views

RARLAB WinRAR < 5.70 Beta 1 Multiple Vulnerabilities

The version of RARLAB WinRAR installed on the remote Windows host is prior to 5.70 Beta 1. It is, therefore, affected by the following vulnerabilities : - An error exists in the file 'unacev2.dll' related to the 'filename' field, that allows a specially crafted ACE archive to overwrite files...

7.8CVSS7.5AI score0.96274EPSS
Exploits16References6
ThreatPost
ThreatPost
added 2019/02/21 3:5 p.m.453 views

19-Year-Old WinRAR Flaw Plagues 500 Million Users

Popular Windows data compression tool WinRAR has patched a serious 19-year-old security flaw that was discovered on its platform, potentially impacting 500 million users. The path-traversal vulnerability, which WinRAR fixed in January, could allow bad actors to remotely execute malicious code on...

6.8CVSS7.5AI score0.96274EPSS
Exploits16References9
CVE
CVE
added 2019/02/05 8:0 p.m.87 views

CVE-2018-20251

CVE-2018-20251 refers to a path-traversal in WinRAR’s ACE handling via unacev2.dll. Affected: WinRAR up to and including 5.61 (and related advisories noting ACE parsing support). The UNACEV2.dll creates files/folders as written in the ACE filename field even after the validator detects traversal ...

5.5CVSS6.1AI score0.31528EPSS
Exploits1References3Affected Software1
Kaspersky
Kaspersky
added 2019/02/05 12:0 a.m.740 views

KLA11427 Multiple ACE vulnerabilities in WinRAR

Multiple vulnerabilities were found in WinRAR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A logical issue can be exploited locally via specially crafted filename of the ACE archive to...

7.8CVSS8.1AI score0.96274EPSS
Exploits16References5
Rows per page
Query Builder