all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exploring winrar vulnerability (CVE-2023-38831)

Add to bookmarks
Sept. 19, 2023, 6:45 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Authored by Neil Tyagi


On 23 August 2023, NIST disclosed a critical RCE vulnerability CVE-2023-38831. It is related to an RCE vulnerability in WinRAR before version 6.23. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the harmless file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. …

archive august critical cve file folder issue jpg may name neil nist rce version vulnerability winrar zip

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Graph: Growing number of threats leveraging Microsoft API 8 minutes ago | malware.news
api article blogs cloud +12
The Future of Passwordless Authentication in Cybersecurity 18 minutes ago | malware.news
actions authentication biometric clicking +15
Vulnerability in CraftBeerPi 4 software 53 minutes ago | malware.news
article cert cert polska cve +9
Operation PANDORA shuts down 12 phone fraud call centres 2 hours ago | malware.news
bank call cash customer +16
Security Awareness Service Release on April 29, 2024 2 hours ago | malware.news
april article awareness delivery +12
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps 3 hours ago | malware.news
android android apps application applications +24
Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR 3 hours ago | malware.news
article blog community compass +11
Release Notes: YARA Search, New Rules, Config Extractors, and More 4 hours ago | malware.news
any.run april config data +22
2023 Activities Summary of SectorJ groups (KOR) 5 hours ago | malware.news
ransomware

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs