Total vulnerabilities in the database
Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.
| Software | From | Fixed in |
|---|---|---|
| rarlab / winrar | 3.0.0 | 3.0.0.x |
| rarlab / winrar | 3.10 | 3.10.x |
| rarlab / winrar | 3.41 | 3.41.x |
| rarlab / winrar | 3.20 | 3.20.x |
| rarlab / winrar | 3.42 | 3.42.x |
| rarlab / winrar | 3.40 | 3.40.x |
| rarlab / winrar | 3.10_beta3 | 3.10_beta3.x |
| rarlab / winrar | 3.10_beta5 | 3.10_beta5.x |
| rarlab / winrar | 3.11 | 3.11.x |