Web Attack: WinRAR CVE-2018-20250 Download

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempt to execute arbitrary code in the context of the user running the affected application.

Additional Information

WinRAR is prone to the following vulnerabilities:

1. An arbitrary code-execution vulnerability. An attacker can exploit this issue by crafting the filename field of an ACE-format archive. [CVE-2018-20250]

2. An arbitrary code-execution vulnerability because of an out-of-bounds write error. An attacker can exploit this issue by sending specially crafted archives in the ACE and RAR formats. [CVE-2018-20252]

3. A security vulnerability because the validation function fails to properly check the return value. Specifically, the issue affects the 'UNACEV2.dll' file. [CVE-2018-20251]

4. An arbitrary code-execution vulnerability that occurs due to an out-of-bounds write error. Specifically, this issue occurs during the parsing of crafted LHA/LZH archive files. [CVE-2018-20253]

Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
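For defenders who want a content-based check alongside the signature, the following added example (not Symantec's detection logic) identifies ACE archives by their `**ACE**` marker rather than by extension and inspects the filename field named in CVE-2018-20250. The header offsets follow the publicly documented ACE layout; the rule that absolute or parent-directory paths are suspicious, the function names and the sample archives are assumptions constructed for this illustration.

```python
import struct

ACE_MAGIC = b"**ACE**"  # sits at byte offset 7 of the archive's main header

def ace_filenames(data):
    """Return the filename fields of all ACE file headers, or None if not ACE."""
    if data[7:14] != ACE_MAGIC:
        return None
    names, pos = [], 0
    while pos + 4 <= len(data):
        _crc, size = struct.unpack_from("<HH", data, pos)  # CRC is not verified here
        body = data[pos + 4 : pos + 4 + size]
        if size < 3 or len(body) < size:
            break  # truncated or malformed header: stop walking
        hdr_type, flags = struct.unpack_from("<BH", body, 0)
        pos += 4 + size
        if hdr_type == 1 and size >= 31:  # type 1 = file header
            packsize, = struct.unpack_from("<L", body, 3)
            name_len, = struct.unpack_from("<H", body, 29)
            names.append(body[31 : 31 + name_len].decode("latin-1"))
            if flags & 1:  # ADDSIZE flag: packed data follows the header
                pos += packsize
    return names

def risky(name):
    """Flag names that are absolute or climb out of the extraction folder."""
    n = name.replace("/", "\\")
    return n.startswith("\\") or ":" in n or ".." in n.split("\\")

def assess(filename, data):
    """Classify a downloaded file by content, not by its extension."""
    names = ace_filenames(data)
    if names is None:
        return "not-ace"
    if any(risky(n) for n in names):
        return "ace-suspicious-path"
    return "ace" if filename.lower().endswith(".ace") else "ace-disguised"

def _hdr(body):  # helper for the constructed samples; CRC left as 0
    return struct.pack("<HH", 0, len(body)) + body

def _file_hdr(name, payload=b""):
    body = struct.pack("<BHLLLLLBBHHH", 1, 1, len(payload), len(payload),
                       0, 0, 0, 0, 0, 0, 0, len(name)) + name
    return _hdr(body) + payload

# Constructed sample archives (not real captures).
MAIN = _hdr(struct.pack("<BH7sBBBBL8s", 0, 0, ACE_MAGIC, 20, 20, 2, 0, 0, bytes(8)))
BENIGN = MAIN + _file_hdr(b"docs\\readme.txt", b"hello")
CRAFTED = MAIN + _file_hdr(b"..\\..\\outside.txt", b"x")
```

An `ace-disguised` result matters because the archiver selects its handler from the file content, so an ACE archive renamed to another extension still reaches 'UNACEV2.dll' on vulnerable versions.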

Affected

  • Versions prior to WinRAR 5.70 Beta 1 are vulnerable.