Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2018-20251
HistoryFeb 05, 2019 - 8:29 p.m.

Path traversal

2019-02-0520:29:00
PRIOn knowledge base
www.prio-n.com
7

5.9 Medium

AI Score

Confidence

High

0.713 High

EPSS

Percentile

98.1%

JSON

In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. The UNACE module (UNACEV2.dll) creates files and folders as written in the filename field even when WinRAR validator noticed the traversal attempt and requestd to abort the extraction process. the operation is cancelled only after the folders and files were created but prior to them being written, therefore allowing the attacker to create empty files and folders everywhere in the file system.

CPENameOperatorVersion
winrarle5.61

Related

cve 1
nvd 1
cvelist 1
threatpost 1
myhack58 1
nessus 1
kaspersky 1
cve
cve
CVE-2018-20251
2019-02-05 20:29:00
nvd
nvd
CVE-2018-20251
2019-02-05 20:29:00
cvelist
cvelist
CVE-2018-20251
2019-02-05 00:00:00
threatpost
threatpost
19-Year-Old WinRAR Flaw Plagues 500 Million Users
2019-02-21 15:05:45
myhack58
myhack58
WinRAR aeration elder has a major vulnerability that hackers can be malicious programs implanted in the boot process-vulnerability warning-the black bar safety net
2019-02-22 00:00:00
nessus
nessus
RARLAB WinRAR < 5.70 Beta 1 Multiple Vulnerabilities
2019-02-27 00:00:00
kaspersky
kaspersky
KLA11427 Multiple ACE vulnerabilities in WinRAR
2019-02-05 00:00:00

5.9 Medium

AI Score

Confidence

High

0.713 High

EPSS

Percentile

98.1%

JSON
Related for PRION:CVE-2018-20251
cve1nvd1cvelist1threatpost1myhack581nessus1kaspersky1