Vulnerabilities > CVE-2004-1254 - Unspecified vulnerability in Rarlab Winrar

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

rarlab

exploit available

NVD

Published: 2005-01-10

Updated: 2017-07-11

Summary

WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.

Vulnerable Configurations

Part	Description	Count
Application	Rarlab Rarlab Winrar 3.0.0 Rarlab Winrar 3.10 Rarlab Winrar 3.41 Rarlab Winrar 3.20 Rarlab Winrar 3.40 Rarlab Winrar 3.10_Beta3 Rarlab Winrar 3.10_Beta5 Rarlab Winrar 3.11	8

Exploit-Db

description	WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC. CVE-2004-1254. Local exploit for windows platform
id	EDB-ID:694
last seen	2016-01-31
modified	2004-12-16
published	2004-12-16
reporter	Vafa Khoshaein
source	https://www.exploit-db.com/download/694/
title	WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC

Summary

Vulnerable Configurations

Exploit-Db

References