The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive.
https://exchange.xforce.ibmcloud.com/vulnerabilities/17937
http://www.securityfocus.com/bid/11581
http://www.rarlabs.com/rarnew.htm