Lucene search

MitreCVE-2008-7144

HistorySep 01, 2009 - 4:30 p.m.

CVE-2008-7144

2009-09-0116:30:00

mitre

web.nvd.nist.gov

cve-2008-7144

rarlab winrar

unspecified vulnerabilities

unknown impact

attack vectors

ace

arj

bz2

cab

lha

rar

tar

zip

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.005

Percentile

75.7%

JSON

Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (9) ZIP files, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.

Affected configurations

Nvd

Node

rarlabwinrarRange≤3.70

rarlabwinrarMatch2.90

rarlabwinrarMatch3.0.0

rarlabwinrarMatch3.10

rarlabwinrarMatch3.10_beta3

rarlabwinrarMatch3.10_beta5

rarlabwinrarMatch3.11

rarlabwinrarMatch3.20

rarlabwinrarMatch3.30

rarlabwinrarMatch3.40

rarlabwinrarMatch3.41

rarlabwinrarMatch3.42

rarlabwinrarMatch3.50

rarlabwinrarMatch3.51

rarlabwinrarMatch3.60_beta1

rarlabwinrarMatch3.60_beta2

rarlabwinrarMatch3.60_beta3

rarlabwinrarMatch3.60_beta4

rarlabwinrarMatch3.60_beta5

rarlabwinrarMatch3.60_beta6

rarlabwinrarMatch3.60_beta7

rarlabwinrarMatch3.60_beta8

rarlabwinrarMatch3.61

rarlabwinrarMatch3.62

rarlabwinrarMatch3.70_beta1

rarlabwinrarMatch3.70_beta2

rarlabwinrarMatch3.70_beta3

rarlabwinrarMatch3.70_beta4

rarlabwinrarMatch3.70_beta5

rarlabwinrarMatch3.70_beta6

rarlabwinrarMatch3.70_beta7

rarlabwinrarMatch3.70_beta8

VendorProductVersionCPE
rarlabwinrar*cpe:2.3:a:rarlab:winrar:*:*:*:*:*:*:*:*
rarlabwinrar2.90cpe:2.3:a:rarlab:winrar:2.90:*:*:*:*:*:*:*
rarlabwinrar3.0.0cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:*
rarlabwinrar3.10cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:*
rarlabwinrar3.10_beta3cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:*
rarlabwinrar3.10_beta5cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:*
rarlabwinrar3.11cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:*
rarlabwinrar3.20cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*
rarlabwinrar3.30cpe:2.3:a:rarlab:winrar:3.30:*:*:*:*:*:*:*
rarlabwinrar3.40cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rarlab	winrar	*	cpe:2.3:a:rarlab:winrar::::::::
rarlab	winrar	2.90	cpe:2.3:a:rarlab:winrar:2.90:::::::*
rarlab	winrar	3.0.0	cpe:2.3:a:rarlab:winrar:3.0.0:::::::*
rarlab	winrar	3.10	cpe:2.3:a:rarlab:winrar:3.10:::::::*
rarlab	winrar	3.10_beta3	cpe:2.3:a:rarlab:winrar:3.10_beta3:::::::*
rarlab	winrar	3.10_beta5	cpe:2.3:a:rarlab:winrar:3.10_beta5:::::::*
rarlab	winrar	3.11	cpe:2.3:a:rarlab:winrar:3.11:::::::*
rarlab	winrar	3.20	cpe:2.3:a:rarlab:winrar:3.20:::::::*
rarlab	winrar	3.30	cpe:2.3:a:rarlab:winrar:3.30:::::::*
rarlab	winrar	3.40	cpe:2.3:a:rarlab:winrar:3.40:::::::*

Rows per page:

1-10 of 321

References

osvdb.org/43439

secunia.com/advisories/29407

www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

www.vupen.com/english/advisories/2008/0916/references

exchange.xforce.ibmcloud.com/vulnerabilities/41251

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.005

Percentile

75.7%

JSON

Related for CVE-2008-7144