WinRAR Multiple Security Vulnerabilities
BID:106948
CVE-2018-20250 | CVE-2018-20251 | CVE-2018-20252 |Info
WinRAR Multiple Security Vulnerabilities
| Bugtraq ID: | 106948 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-20250 CVE-2018-20251 CVE-2018-20252 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 05 2019 12:00AM |
| Updated: | Feb 05 2019 12:00AM |
| Credit: | The vendor reported these issues. |
| Vulnerable: |
RARLAB WinRar 3.51 RARLAB WinRar 3.50 RARLAB WinRar 3.42 RARLAB WinRar 3.41 RARLAB WinRar 3.40 RARLAB WinRar 3.30 RARLAB WinRar 3.20 RARLAB WinRar 3.11 RARLAB WinRar 3.10 beta 5 RARLAB WinRar 3.10 beta 3 RARLAB WinRar 3.10 RARLAB WinRar 3.0 .0 RARLAB WinRar 3.0 RARLAB WinRar 2.90 RARLAB WinRar 5.61 RARLAB WinRar 5.60 RARLAB WinRar 5.50 RARLAB WinRar 5.40 RARLAB WinRar 5.31 RARLAB WinRar 5.30 Beta 5 RARLAB WinRar 5.30 Beta 4 RARLAB WinRar 5.01 RARLAB WinRar 5.0.1 RARLAB WinRar 3.93 RARLAB WinRar 3.70 Beta8 RARLAB WinRar 3.70 Beta7 RARLAB WinRar 3.70 Beta6 RARLAB WinRar 3.70 Beta5 RARLAB WinRar 3.70 Beta4 RARLAB WinRar 3.70 Beta3 RARLAB WinRar 3.70 Beta2 RARLAB WinRar 3.70 Beta1 RARLAB WinRar 3.70 beta RARLAB WinRar 3.70 RARLAB WinRar 3.62 RARLAB WinRar 3.61 RARLAB WinRar 3.60 Beta8 RARLAB WinRar 3.60 Beta7 RARLAB WinRar 3.60 Beta6 RARLAB WinRar 3.60 Beta5 RARLAB WinRar 3.60 Beta4 RARLAB WinRar 3.60 Beta3 RARLAB WinRar 3.60 Beta2 RARLAB WinRar 3.60 Beta1 RARLAB WinRar 3.60 beta 7 RARLAB WinRar 3.60 beta 6 RARLAB WinRar 3.60 beta 5 RARLAB WinRar 3.60 beta 4 RARLAB WinRar 3.60 beta 3 RARLAB WinRar 3.60 beta 2 RARLAB WinRar 3.60 beta 1 RARLAB WinRar 3.60 RARLAB WinRar 3.51 RARLAB WinRar 3.50 RARLAB WinRar 3.42 RARLAB WinRar 3.41 RARLAB WinRar 3.40 RARLAB WinRar 3.30 RARLAB WinRar 3.20 RARLAB WinRar 3.11 RARLAB WinRar 3.10 Beta5 RARLAB WinRar 3.10 Beta3 RARLAB WinRar 3.10 |
| Not Vulnerable: |
RARLAB WinRar 5.70 Beta 1 |
Discussion
WinRAR Multiple Security Vulnerabilities
WinRAR is prone to the following security vulnerabilities:
1. Multiple arbitrary code-execution vulnerabilities
2. A security vulnerability
Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
Versions prior to WinRAR 5.70 Beta 1 are vulnerable.
WinRAR is prone to the following security vulnerabilities:
1. Multiple arbitrary code-execution vulnerabilities
2. A security vulnerability
Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
Versions prior to WinRAR 5.70 Beta 1 are vulnerable.
Exploit / POC
WinRAR Multiple Security Vulnerabilities
Currently, we are not aware of any working exploits. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
WinRAR Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
WinRAR Multiple Security Vulnerabilities
References:
References:
- WinRAR Change Log (WinRAR)
- WinRAR Homepage (WinRAR)