Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote malicious users to write to arbitrary files via a crafted archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rarlab rar 5.20 |
||
rarlab rar 5.21 |
||
rarlab rar 5.30 |
||
rarlab rar 5.31 |
||
rarlab rar 4.11 |
||
rarlab rar 4.20 |
||
rarlab rar 5.50 |
||
rarlab rar 4.01 |
||
rarlab rar 5.01 |
||
rarlab rar 5.11 |
||
rarlab rar 5.40 |
||
rarlab rar 5.00 |
||
rarlab rar 4.00 |
||
rarlab rar 4.10 |
||
rarlab rar 5.10 |