CVE-2006-3845 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2006-3845

Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive.

Published: Jul 26, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-3845
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
rarlab / winrar	3.50	3.50.x
rarlab / winrar	3.0.0	3.0.0.x
rarlab / winrar	3.10	3.10.x
rarlab / winrar	3.51	3.51.x
rarlab / winrar	3.60_beta3	3.60_beta3.x
rarlab / winrar	3.41	3.41.x
rarlab / winrar	3.20	3.20.x
rarlab / winrar	3.42	3.42.x
rarlab / winrar	3.60_beta2	3.60_beta2.x
rarlab / winrar	3.30	3.30.x
rarlab / winrar	3.60_beta5	3.60_beta5.x
rarlab / winrar	3.40	3.40.x
rarlab / winrar	3.10_beta3	3.10_beta3.x
rarlab / winrar	3.60_beta6	3.60_beta6.x
rarlab / winrar	3.60_beta4	3.60_beta4.x
rarlab / winrar	3.10_beta5	3.10_beta5.x
rarlab / winrar	3.60_beta1	3.60_beta1.x
rarlab / winrar	3.11	3.11.x