WinRAR LHA Filename Handling Buffer Overflows

High Nessus Plugin ID 22072


The remote Windows host has an application that is suffers from two buffer overflow vulnerabilities.


The remote host is running WinRAR, an archive manager for Windows.

The version of WinRAR installed on the remote host is affected by two stack-based buffer overflows when processing LHA files with specially- crafted filenames. Successful exploitation of either issue enables an attacker to execute arbitrary code subject to the privileges of the current user.


Upgrade to WinRAR version 3.6.0 beta 7 ( or later.

See Also

Plugin Details

Severity: High

ID: 22072

File Name: winrar_360b7.nasl

Version: $Revision: 1.15 $

Type: local

Agent: windows

Family: Windows

Published: 2006/07/19

Modified: 2016/11/29

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:U/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/07/18

Exploitable With

Core Impact

Reference Information

CVE: CVE-2006-3845

BID: 19043

OSVDB: 27379