RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action on a malicious page.
The specific flaw exists within the archive extraction functionality. A crafted archive entry can cause the creation of an arbitrary file without the Mark-Of-The-Web. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Was ZDI-CAN-23156.
References
Configurations
No configuration.
History
21 Nov 2024, 09:11
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.rarlab.com/rarnew.htm#27.%20Busgs%20fixed - | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-24-357/ - |
03 Apr 2024, 12:38
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Apr 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-02 21:15
Updated : 2024-11-21 09:11
NVD link : CVE-2024-30370
Mitre link : CVE-2024-30370
CVE.ORG link : CVE-2024-30370
JSON object : View
Products Affected
No product.
CWE
CWE-693
Protection Mechanism Failure