4 matches found
PT-2026-53260
Name of the Vulnerable Software and Affected Versions SzafirHost versions prior to 1.2.2 Description SzafirHost is susceptible to remote code execution due to a discrepancy between how it verifies and extracts native library archives. The software uses a JarFile parser to verify the archive by...
CVE-2014-125119 WinRAR < 5.00 Filename Spoofing RCE
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...
VulnCheck KEV: CVE-2014-125119
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...
KenWards-Zipper-1.400
This exploit takes advantage of the fact too many characters get mangled, as a result I was able to get a shell in a more straight forward way. Very interesting exercise. Mrme and tecR0c figured out this trick, of course. But I was given the honor to share it. Zip file format based on:...