![]() ![]() In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). The winrar uses the ACE format to compress the folder and unpack the compressed folder with the help of UNACE.DLL. ![]() This vulnerability is due to the UNACEV2.DLL library included with all versions of WinRAR. The vulnerability identified last year by affects all versions released in all WinRAR over the past 19 years.ĬVE-ID: CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 In this post, we are going to discuss how WinRAR has patched serious security faults last month, one of the world’s most popular Windows file compression applications, which can only be exploited by tricking a WinRar user to extract malicious archives. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
May 2023
Categories |