Vulnerabilities > CVE-2005-4620 - Buffer Overflow vulnerability in RARLAB WinRAR Command Line Processing

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
rarlab
exploit available

Summary

Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to specify a command-line argument for this program, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.

Exploit-Db

  • descriptionWinRAR 3.30 Long Filename Buffer Overflow Exploit (more targets) (2). CVE-2005-4620. Local exploit for windows platform
    idEDB-ID:1404
    last seen2016-01-31
    modified2006-01-04
    published2006-01-04
    reporterc0d3r
    sourcehttps://www.exploit-db.com/download/1404/
    titleWinRAR 3.30 Long Filename Buffer Overflow Exploit more targets 2
  • descriptionWinRAR 3.30 Long Filename Buffer Overflow Exploit. CVE-2005-4620. Local exploit for windows platform
    idEDB-ID:1403
    last seen2016-01-31
    modified2006-01-04
    published2006-01-04
    reporterK4P0
    sourcehttps://www.exploit-db.com/download/1403/
    titleWinRAR 3.30 Long Filename Buffer Overflow Exploit