CVE-2004-1495

Name of the Vulnerable Software and Affected Versions WinRAR version 3.40

Description The issue is related to the Repair Archive command in WinRAR, which can be exploited by remote attackers to cause a denial of service, resulting in an application crash. This is achieved by using a corrupt ZIP archive. The problem is triggered when the Repair command is used on a corrupt ZIP archive, leading to a loss of availability for the service.

Recommendations For WinRAR version 3.40, as a temporary workaround, consider disabling the Repair Archive command until a patch is available. Restrict access to the Repair function to minimize the risk of exploitation. Avoid using the Repair command on untrusted or potentially corrupt ZIP archives until the issue is resolved.