CVE-2008-7144Winrar vulnerability

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
1.1%
top 22.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Rarlab Winrar
Timeline
PublishedSep 1
Latest updateMay 17

Description

Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (9) ZIP files, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDrarlab/winrar3.70+31

Patches

Patch: www.vupen.comPatch: www.vupen.com

🔴Vulnerability Details

2
GHSA
GHSA-jwh7-cj9w-f3p3: Multiple unspecified vulnerabilities in RARLAB WinRAR before 32022-05-17
CVEList
CVE-2008-7144: Multiple unspecified vulnerabilities in RARLAB WinRAR before 32009-09-01

💥Exploits & PoCs

1
Exploit-DB
PeerCast 0.1218 - 'getAuthUserPass' Multiple Buffer Overflow Vulnerabilities2008-04-29
CVE-2008-7144 — Rarlab Winrar vulnerability | cvebase