Info

Disclosure

Oct 11, 2005

Discovery

Sep 30, 2005

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in WinRAR. The 'UNACEV2.DLL' library fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted ACE archive containing a compressed file with an overly long filename, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 3.51 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Alexander Roshal

WinRAR

3.50

References

Bugtraq ID: 15062
Secunia Advisory ID: 16973
Related OSVDB ID: 19914
CVE ID: 2005-3263 (see also: NVD)
Mail List Post: http://archives.neohapsis.com:80/archives/fulldisclosure/2005-10/0266.html
Other Advisory URL: http://secunia.com/secunia_research/2005-53/advisory/
Vendor URL: http://www.rarlab.com/
Vendor Specific News/Changelog Entry: http://www.rarlab.com/rarnew.htm

Credit

Tan Chew Keong - vulnsecunia.com - Secunia Research

Direct URL: http://osvdb.org/19915