CVE-2014-125119

Sažetak

A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the user, while the file from the Local File Header is extracted and executed. An attacker can leverage this flaw to spoof filenames and trick users into executing malicious payloads under the guise of harmless files, potentially leading to remote code execution.

Reference

https://an7isec.blogspot.com/2014/03/winrar-file-extension-spoofing-0day.html
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/winrar_name_spoofing.rb
https://web.archive.org/web/20140625054244/http://intelcrawler.com/news-15
https://web.archive.org/web/20141111142204/https://www.intelcrawler.com/report_2603.pdf
https://www.rarlab.com/vuln_zip_spoofing_4.20.html
https://www.vulncheck.com/advisories/winrar-filename-spoofing-rce

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

25-07-2025 - 16:15

Objavljeno

25-07-2025 - 16:15