Remote Code Execution Vulnerability in WinRAR 3.40 and Earlier Versions via Long Filename ZIP File

Remote Code Execution Vulnerability in WinRAR 3.40 and Earlier Versions via Long Filename ZIP File

CVE-2004-1254 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.

Learn more about our Web Application Penetration Testing UK.