CVE-2005-0331
Published May 2, 2005
Last updated 7 years ago
Overview
- Description
- Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.6
- Impact score
- 2.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53BDA79B-B1CC-479C-A1DA-41DDDE098EDB"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16A1E0B7-020F-4110-9603-58CA8CEB7581"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE627C32-9F4B-4D36-AC4B-5D01A47BFD88"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3366C2D1-F30A-413B-94A2-7DBDACC083EE"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8585089C-A6B5-4BFE-BEA3-133B94F24F72"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9843D850-DC4C-49D5-AAEB-EF75FB54F08C"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C9B3100-2223-4201-AE29-B4A4EAFF2595"
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F95B556-A1B4-4AEF-8223-5ED44819515D"
}
],
"operator": "OR"
}
]
}
]