WinRAR Multiple Unspecified Vulnerabilities Date: Thursday, March 20, 2008 @ 01:24:08 CDT Topic: Security SECUNIA ADVISORY ID: SA29407 VERIFY ADVISORY: http://secunia.com/advisories/29407/ CRITICAL: Highly critical IMPACT: DoS, System access SOFTWARE: WinRAR 3.x - http://secunia.com/product/890/ DESCRIPTION: Some vulnerabilities have been reported in WinRAR, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to unspecified errors in the processing of archives and can be exploited to cause heap corruptions and stack-based buffer overflows via specially crafted archives. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 3.71. SOLUTION: Update to version 3.71. PROVIDED AND/OR DISCOVERED BY: Oulu University Secure Programming Group ORIGINAL ADVISORY: http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/ OTHER REFERENCES: https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html This article comes from Ravens PHP Scripts https://www.ravenphpscripts.com The URL for this story is: https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3276