CVE-2008-7144

EUVD-2008-7103
Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted (1) ACE, (2) ARJ, (3) BZ2, (4) CAB, (5) GZ, (6) LHA, (7) RAR, (8) TAR, or (9) ZIP files, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Affected Products (NVD)
VendorProductVersion
rarlabwinrar
𝑥
≤ 3.70
rarlabwinrar
2.90
rarlabwinrar
3.0.0
rarlabwinrar
3.10
rarlabwinrar
3.10_beta3:_beta3
rarlabwinrar
3.10_beta5:_beta5
rarlabwinrar
3.11
rarlabwinrar
3.20
rarlabwinrar
3.30
rarlabwinrar
3.40
rarlabwinrar
3.41
rarlabwinrar
3.42
rarlabwinrar
3.50
rarlabwinrar
3.51
rarlabwinrar
3.60_beta1:_beta1
rarlabwinrar
3.60_beta2:_beta2
rarlabwinrar
3.60_beta3:_beta3
rarlabwinrar
3.60_beta4:_beta4
rarlabwinrar
3.60_beta5:_beta5
rarlabwinrar
3.60_beta6:_beta6
rarlabwinrar
3.60_beta7:_beta7
rarlabwinrar
3.60_beta8:_beta8
rarlabwinrar
3.61
rarlabwinrar
3.62
rarlabwinrar
3.70_beta1:_beta1
rarlabwinrar
3.70_beta2:_beta2
rarlabwinrar
3.70_beta3:_beta3
rarlabwinrar
3.70_beta4:_beta4
rarlabwinrar
3.70_beta5:_beta5
rarlabwinrar
3.70_beta6:_beta6
rarlabwinrar
3.70_beta7:_beta7
rarlabwinrar
3.70_beta8:_beta8
𝑥
= Vulnerable software versions
References
http://osvdb.org/43439
http://secunia.com/advisories/29407
http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/
http://www.vupen.com/english/advisories/2008/0916/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41251
http://osvdb.org/43439
http://secunia.com/advisories/29407
http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/
http://www.vupen.com/english/advisories/2008/0916/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41251