CVE-2005-4620

Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to specify a command-line argument for this program, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4620
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
rarlab / winrar	3.50	3.50.x
rarlab / winrar	3.0.0	3.0.0.x
rarlab / winrar	3.10	3.10.x
rarlab / winrar	3.41	3.41.x
rarlab / winrar	3.20	3.20.x
rarlab / winrar	3.42	3.42.x
rarlab / winrar	3.30	3.30.x
rarlab / winrar	2.90	2.90.x
rarlab / winrar	3.40	3.40.x
rarlab / winrar	3.10_beta3	3.10_beta3.x
rarlab / winrar	3.10_beta5	3.10_beta5.x
rarlab / winrar	3.11	3.11.x

Vulnerability Database

289,697

CVE-2005-4620