WinRAR.Filename.Spoofing
Description
This indicates an attack attempt to exploit a Filename Spoofing vulnerability in RARLAB WinRAR.
The vulnerability is due to an error when the vulnerable software handles a malformed ZIP file. A remote attacker can exploit this to bypass security checks of vulnerable systems and lead to the user opening a malicious executable file.
Affected Products
RARLAB WinRAR 3.80
RARLAB WinRAR 4.20
RARLAB WinRAR 5.01
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.rarlabs.com/vuln_zip_spoofing_4.20.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |