CVE-2018-20252

Published: Feb 5, 2019

Modified: Sep 16, 2024

PUBLISHED

Description

In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Vendor	Product	Versions
Check Point Software Technologies Ltd.	WinRAR	affected `All versions prior and including 5.60`

Weaknesses (CWE)

CWE-787

References

https://research.checkpoint.com/extracting-code-execution-from-winrar/

x_refsource_MISC

106948

vdb-entry

x_refsource_BID

https://www.win-rar.com/whatsnew.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20252

Description

Affected Products

Weaknesses (CWE)

References