Vulnerabilities > CVE-2005-3262 - Remote vulnerability in RARLAB WinRAR
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 11 |
Exploit-Db
description | RARLAB WinRar 2.90/3.x UUE/XXE Invalid Filename Error Message Format String. CVE-2005-3262 . Dos exploit for linux platform |
id | EDB-ID:26342 |
last seen | 2016-02-03 |
modified | 2005-10-11 |
published | 2005-10-11 |
reporter | Tan Chew Keong |
source | https://www.exploit-db.com/download/26342/ |
title | RARLAB WinRar 2.90/3.x UUE/XXE Invalid Filename Error Message Format String |