PT-2005-4076 · Winrar · Winrar

Published: 2005-10-20 · Updated: 2008-09-10 · CVE-2005-3263

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

WinRAR versions 2.90 through 3.50

Description

The issue is related to a stack-based buffer overflow in the UNACEV2.DLL library of WinRAR, which allows remote attackers to execute arbitrary code. This can be achieved by creating a specially crafted ACE archive that contains a compressed file with an overly long filename. The lack of proper bounds checking in the library results in a buffer overflow, leading to a potential loss of integrity.

Recommendations

For WinRAR versions 2.90 through 3.50, consider updating to a version that includes a fix for the buffer overflow issue in the UNACEV2.DLL library. As a temporary workaround, restrict the handling of ACE archives with long filenames to minimize the risk of exploitation.

Fix


Related Identifiers

CVE-2005-3263

Affected Products

Winrar