CVE-2008-7144
Summary
| CVE | CVE-2008-7144 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2009-09-01 16:30:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (9) ZIP files, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats. |
Risk And Classification
Primary CVSS: v2.0 10 from [email protected]
AV:N/AC:L/Au:N/C:C/I:C/A:C
Problem Types: NVD-CWE-noinfo | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:N/AC:L/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rarlab | Winrar | 2.90 | All | All | All |
| Application | Rarlab | Winrar | 3.0.0 | All | All | All |
| Application | Rarlab | Winrar | 3.10 | All | All | All |
| Application | Rarlab | Winrar | 3.10_beta3 | All | All | All |
| Application | Rarlab | Winrar | 3.10_beta5 | All | All | All |
| Application | Rarlab | Winrar | 3.11 | All | All | All |
| Application | Rarlab | Winrar | 3.20 | All | All | All |
| Application | Rarlab | Winrar | 3.30 | All | All | All |
| Application | Rarlab | Winrar | 3.40 | All | All | All |
| Application | Rarlab | Winrar | 3.41 | All | All | All |
| Application | Rarlab | Winrar | 3.42 | All | All | All |
| Application | Rarlab | Winrar | 3.50 | All | All | All |
| Application | Rarlab | Winrar | 3.51 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta1 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta2 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta3 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta4 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta5 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta6 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta7 | All | All | All |
| Application | Rarlab | Winrar | 3.60_beta8 | All | All | All |
| Application | Rarlab | Winrar | 3.61 | All | All | All |
| Application | Rarlab | Winrar | 3.62 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta1 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta2 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta3 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta4 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta5 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta6 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta7 | All | All | All |
| Application | Rarlab | Winrar | 3.70_beta8 | All | All | All |
| Application | Rarlab | Winrar | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| CERT-FI - CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats | af854a3a-2127-422b-91ae-364da2661108 | www.cert.fi | |
| WinRAR Multiple Unspecified Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| osvdb.org/43439 | af854a3a-2127-422b-91ae-364da2661108 | osvdb.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | Patch, Vendor Advisory |
| www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive | af854a3a-2127-422b-91ae-364da2661108 | www.ee.oulu.fi | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.