Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1495

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2004-1495
Last Modified 05 Sep 2008 04:41:33
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-1495

Summary

The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive.

Vulnerable Systems

Application

  • Rarlab Winrar 2.90

  • Rarlab Winrar 3.0.0

  • Rarlab Winrar 3.10

  • Rarlab Winrar 3.10 Beta3

  • Rarlab Winrar 3.10 Beta5

  • Rarlab Winrar 3.11

  • Rarlab Winrar 3.20

  • Rarlab Winrar 3.40


References

BID - 11581

SECUNIA - 13070

XF - winrar-repair-archive(17937)

CONFIRM - http://www.rarlabs.com/rarnew.htm

BUGTRAQ - 20041102 Medium Risk Vulnerability in WinRAR


Last Updated: 27 May 2016 10:39:04