Unrated severityNVD Advisory· Published Oct 20, 2005· Updated Jun 16, 2026
CVE-2005-3262
CVE-2005-3262
Description
Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:rarlab:winrar:2.90:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:rarlab:winrar:2.90:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.10:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.10_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.10_beta5:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.11:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.40:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.41:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.42:*:*:*:*:*:*:*
- cpe:2.3:a:rarlab:winrar:3.50:*:*:*:*:*:*:*
- (no CPE)range: >=2.90 <=3.50
Patches
Vulnerability mechanics
References
4- secunia.com/advisories/16973/nvdPatchVendor Advisory
- secunia.com/secunia_research/2005-53/advisory/nvdPatchVendor Advisory
- www.securityfocus.com/bid/15062nvdPatch
- www.rarlabs.com/rarnew.htmnvd
News mentions
0No linked articles in our index yet.