Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026
CVE-2005-0331
CVE-2005-0331
Description
Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file.
Affected products
9cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.41:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.42:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.