Total vulnerabilities in the database
Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename.
Software | From | Fixed in |
---|---|---|
rarlab / winrar | 3.50 | 3.50.x |
rarlab / winrar | 3.0.0 | 3.0.0.x |
rarlab / winrar | 3.10 | 3.10.x |
rarlab / winrar | 3.41 | 3.41.x |
rarlab / winrar | 3.20 | 3.20.x |
rarlab / winrar | 3.42 | 3.42.x |
rarlab / winrar | 2.90 | 2.90.x |
rarlab / winrar | 3.40 | 3.40.x |
rarlab / winrar | 3.10_beta3 | 3.10_beta3.x |
rarlab / winrar | 3.10_beta5 | 3.10_beta5.x |
rarlab / winrar | 3.11 | 3.11.x |