Technical Information

A buffer overflow vulnerability occurs when processing recovery volume names in the old RAR 3.0 format. The user must start unpacking a RAR file in the same folder as a REV file with a malformed name to trigger this vulnerability.

Patch release date: Aug 2, 2023
Further information on this vulnerability is available at:
https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa