CVE-2008-7144

critical

Description

Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (9) ZIP files, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41251

http://www.vupen.com/english/advisories/2008/0916/references

http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

http://secunia.com/advisories/29407

http://osvdb.org/43439

Details

Source: Mitre, NVD

Published: 2009-09-01

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.01134