Directory traversal vulnerability in WinRAR 3.42 and previous versions, when the user clicks on the ZIP file to extract it, allows remote malicious users to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rarlab winrar 3.0.0 |
||
rarlab winrar 3.41 |
||
rarlab winrar 3.42 |
||
rarlab winrar 3.20 |
||
rarlab winrar 3.40 |
||
rarlab winrar 3.10_beta5 |
||
rarlab winrar 3.11 |
||
rarlab winrar 3.10 |
||
rarlab winrar 3.10_beta3 |