CVE-2018-20253

Published: Feb 13, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Vendor	Product	Versions
Check Point Software Technologies Ltd.	WinRAR	affected `All versions prior and including 5.60`

Weaknesses (CWE)

CWE-787

References

https://research.checkpoint.com/extracting-code-execution-from-winrar/

x_refsource_MISC

https://www.win-rar.com/whatsnew.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20253

Description

Affected Products

Weaknesses (CWE)

References