Known Vulnerabilities for Winrar by Rarlab
Listed below are 10 of the newest known vulnerabilities associated with "Winrar" by "Rarlab".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-20253 | In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA... | 7.8 - HIGH | 2019-02-13 | 2019-10-09 |
| CVE-2018-20252 | In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE a... | 7.8 - HIGH | 2019-02-05 | 2019-10-09 |
| CVE-2018-20251 | In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the... | 5.5 - MEDIUM | 2019-02-05 | 2019-10-09 |
| CVE-2018-20250 | In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the... | 7.8 - HIGH | 2019-02-05 | 2019-10-09 |
| CVE-2015-5663 | The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file w... | 7.4 - HIGH | 2015-12-30 | 2016-12-06 |
| CVE-2008-7144 | Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (... | 10 - HIGH | 2009-09-01 | 2017-08-17 |
| CVE-2006-3912 | Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact. | 2.1 - LOW | 2006-07-28 | 2017-10-19 |
| CVE-2006-3845 | Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code v... | 9.3 - HIGH | 2006-07-25 | 2017-07-20 |
| CVE-2005-3262 | Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format s... | 7.5 - HIGH | 2005-10-20 | 2008-09-10 |
| CVE-2005-0331 | Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remo... | 2.6 - LOW | 2005-05-02 | 2017-07-11 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rarlab | Winrar | 5.70 | beta1 | All | All |
| Application | Rarlab | Winrar | 5.50 | All | All | All |
| Application | Rarlab | Winrar | 5.40 | All | All | All |
| Application | Rarlab | Winrar | 5.31 | All | All | All |
| Application | Rarlab | Winrar | 5.30 | beta_4 | All | All |
| Application | Rarlab | Winrar | 5.30 | beta_4 | All | All |
| Application | Rarlab | Winrar | 5.30 | All | All | All |
| Application | Rarlab | Winrar | 5.21 | All | All | All |
| Application | Rarlab | Winrar | 5.20 | All | All | All |
| Application | Rarlab | Winrar | 5.11 | All | All | All |
| Application | Rarlab | Winrar | 5.10 | All | All | All |
| Application | Rarlab | Winrar | 5.01 | All | All | All |
| Application | Rarlab | Winrar | 5.00 | All | All | All |
| Application | Rarlab | Winrar | 4.20 | All | All | All |
| Application | Rarlab | Winrar | 4.11 | All | All | All |
| Application | Rarlab | Winrar | 4.10.2 | All | All | All |
| Application | Rarlab | Winrar | 4.10 | All | All | All |
| Application | Rarlab | Winrar | 4.1.0 | All | All | All |
| Application | Rarlab | Winrar | 4.1.0 | All | All | All |
| Application | Rarlab | Winrar | 4.01 | All | All | All |