CVE-2006-3912

Name of the Vulnerable Software and Affected Versions WinRAR versions prior to 3.60 beta 8

Description A stack-based buffer overflow issue exists in the SFX module of WinRAR, allowing an attacker to cause a stack overflow with a specially crafted file. This results in a loss of integrity. The issue occurs when WinRAR fails to properly process archive comments during file extraction.

Recommendations For versions prior to 3.60 beta 8, update to version 3.60 beta 8 or later to resolve the issue. As a temporary workaround, consider avoiding the extraction of files with potentially malicious archive comments until a patch is applied. Restrict access to the SFX module to minimize the risk of exploitation.