Strike ID:
E19-5pi21
CVSS:
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
288
Year:
2018

Description

This strike exploits an input validation vulnerability found in WinRAR. The vulnerability is due to improper input validation while parsing specific header fields from an ACE archive. An attacker could exploit this vulnerability by crafting a special ACE file. A successful exploit could allow the attacker to execute arbitrary commands on the target system.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}