CVE-2018-20252

CVE-2018-20252

Vendor Check Point Software Technologies Ltd.

Product WinRAR

Weakness CWE-787

Published February 5, 2019

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Key dates

02Disclosure timeline

February 5, 2019 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-20252 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE