![]() ![]() The issue is due to the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. The vulnerability lies in how the software processes recovery volumes. The CVE patched in this update is CVE-2023-40477 (with a CVSS score of 7.8 out of 10). The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. ![]() Users should install the latest version (WinRAR 6.23 or later) at their earliest convenience. All the victim has to do is to open a specially crafted archive.Īfter receiving a report about the vulnerability in June, a new version of the software was published on August 2, 2023. A new version of the file archiving software WinRAR fixes two vulnerabilities that could allow an attacker to execute code on a target system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |