Free Republic 2nd Qtr 2025 Fundraising Target: $81,000 Receipts & Pledges to-date: $79,241
97%  
Woo hoo!! And we're now over 97%!! Thank you all very much!! God bless.

Keyword: filecompress

Brevity: Headers | « Text »
  • Up to 500 million exposed by WinRAR remote code execution vulnerability

    10/02/2015 4:22:09 PM PDT · by Utilizer · 9 replies
    iTnews.com (AUS) ^ | Oct 1 2015 6:35AM (AUS) | Juha Saarinen
    ... A researcher has found a way to exploit popular archival utility WinRAR to remotely execute malicious code on users' computers, without any interaction being required. Iranian researcher Mohammad Reza Espargham found that it was possible to use WinRAR SFX 2.51 to add malicious payloads that would execute when users decompress archives. A specially crafted hyper text mark-up language (HTML) text file that is parsed and which attempts to download and run potentially malicious code can be included in WinRAR SFX archives, Espargham noted. The researcher suggested secure parsing of the text file, and encoding of the URL value parameter...