Lucene search
MitreCVE-2005-3263HistoryOct 20, 2005 - 10:02 a.m.
CVE-2005-3263
2005-10-2010:02:00
mitre
web.nvd.nist.gov
28
cve
buffer overflow
unacev2.dll
rarlab
winrar
ace archive
remote execution
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.098
Percentile
94.9%
Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name.
Affected configurations
Node
rarlabwinrarMatch2.90
ORrarlabwinrarMatch3.0.0
ORrarlabwinrarMatch3.10
ORrarlabwinrarMatch3.10_beta3
ORrarlabwinrarMatch3.10_beta5
ORrarlabwinrarMatch3.11
ORrarlabwinrarMatch3.20
ORrarlabwinrarMatch3.40
ORrarlabwinrarMatch3.41
ORrarlabwinrarMatch3.42
ORrarlabwinrarMatch3.50
| Vendor | Product | Version | CPE |
|---|---|---|---|
| rarlab | winrar | 2.90 | cpe:2.3:a:rarlab:winrar:2.90:*:*:*:*:*:*:* |
| rarlab | winrar | 3.0.0 | cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:* |
| rarlab | winrar | 3.10 | cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:* |
| rarlab | winrar | 3.10_beta3 | cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:* |
| rarlab | winrar | 3.10_beta5 | cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:* |
| rarlab | winrar | 3.11 | cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:* |
| rarlab | winrar | 3.20 | cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:* |
| rarlab | winrar | 3.40 | cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:* |
| rarlab | winrar | 3.41 | cpe:2.3:a:rarlab:winrar:3.41:*:*:*:*:*:*:* |
| rarlab | winrar | 3.42 | cpe:2.3:a:rarlab:winrar:3.42:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.098
Percentile
94.9%
Related for CVE-2005-3263