Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4474

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-4474
Last Modified 05 Sep 2008 04:56:58
Published 21 Dec 2005 08:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-4474

Summary

Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by tricking the user into adding a file whose filename contains a non-default code page and non-ANSI characters, as demonstrated using a Chinese filename, possibly due to buffer expansion when using the WideCharToMultiByte API. NOTE: it is not clear whether this problem can be exploited for code execution. If not, then perhaps the user-assisted nature of the attack should exclude the issue from inclusion in CVE.

Vulnerable Systems

Application

  • Rarlab Winrar 3.51


References

BID - 15999

BUGTRAQ - 20051221 WinRAR - Processing Filename Incorrectly Vulnerability

SREASON - 290


Last Updated: 27 May 2016 10:41:19