WinRAR.LHA.Filename.Handling.Buffer.Overflow
Description
There exists a Stack-based buffer overflow in the lzh.fmt in WinRAR 3.00 through 3.60 beta 6. A succesfull exploit would allow remote attackers to execute arbitrary code via a long filename in a LHA archive.
Affected Products
WinRAR 3.00 - 3.60 beta 6.
Impact
System compromise.
Recommended Actions
The vendor has released version 3.60 beta 7 to address this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |