Vulnerability Database

299,751

Total vulnerabilities in the database

CVE-2005-0331

Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.

  • Published: May 2, 2005
  • Updated: Nov 9, 2025
  • CVE: CVE-2005-0331
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.6
  • AV:N/AC:H/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
rarlab / winrar 3.0.0 3.0.0.x
rarlab / winrar 3.10 3.10.x
rarlab / winrar 3.41 3.41.x
rarlab / winrar 3.20 3.20.x
rarlab / winrar 3.42 3.42.x
rarlab / winrar 3.40 3.40.x
rarlab / winrar 3.10_beta3 3.10_beta3.x
rarlab / winrar 3.10_beta5 3.10_beta5.x
rarlab / winrar 3.11 3.11.x