In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
7.8
EPSS Score
0.008
Published
2019-02-05
The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the user.
CVSS Score
7.4
EPSS Score
0.001
Published
2015-12-30
Page 2