N/A
CVE-2005-3262
Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename.
EPSS
9.6%
percentile 93.0%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:2.90:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.41:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.42:*:*:*:*:*:*:* |
| rarlab | winrar | Windows | — | cpe:2.3:a:rarlab:winrar:3.50:*:*:*:*:*:*:* |