all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exploring winrar vulnerability (CVE-2023-38831)

Add to bookmarks
Sept. 19, 2023, 6:45 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Authored by Neil Tyagi


On 23 August 2023, NIST disclosed a critical RCE vulnerability CVE-2023-38831. It is related to an RCE vulnerability in WinRAR before version 6.23. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the harmless file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. …

archive august critical cve file folder issue jpg may name neil nist rce version vulnerability winrar zip

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Who’s on the hook when Cybersecurity Awareness fails? The Defenders’ Dilemma by Mark Wojtasiak an hour ago | malware.news
article awareness cyber cybersecurity +11
Introducing our 9th annual State of the Software Supply Chain report an hour ago | malware.news
developer developer productivity developers digital +16
Cloudflare Protection Bypass Vulnerability on Threat Actors’ Radar 2 hours ago | malware.news
attackers attacks bypass bypass vulnerability +18
The Underground Economist: Volume 3, Issue 19 2 hours ago | malware.news
back blog dark dark ops +17
Progress Software ‘disappointed’ researchers published PoC of newly-patched bug 4 hours ago | malware.news
article bug concept exploited +14
Strengthening Cybersecurity for small and medium-sized businesses: The importance of Security Orchestration, Automation, and Response … 4 hours ago | malware.news
amp article author automation +16
Release Notes: ChatGPT, Change to API Quotas, New Config Extractors and More 7 hours ago | malware.news
analysts any.run api capabilities +13
Cybersecurity Awareness Month 2023: Why we need more than just cybersecurity awareness 9 hours ago | malware.news
actionable article awareness back +14
ISC Stormcast For Tuesday, October 3rd, 2023 https://isc.sans.edu/podcastdetail/8684, (Tue, Oct 3rd) 11 hours ago | malware.news
topic

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Business Information Security Officer

@ Metrolink | Los Angeles, CA
View on infosec-jobs.com

Cyber Security Consultant

@ Cybit | Belfast, Northern Ireland, United Kingdom
View on infosec-jobs.com

Physical Operations Specialist, AWS Security Operations Center

@ Amazon.com | Herndon, Virginia, USA
View on infosec-jobs.com

Product Cybersecurity Officer (m/w/div.)

@ Bosch Group | Wien, Linz oder Graz, Austria
View on infosec-jobs.com

SC2023-003098 Security Risk Consultant 1 (NS) - WED 11 Oct

@ EMW, Inc. | Braine-l'Alleud, Wallonia, Belgium
View on infosec-jobs.com

Sr Power Design Engineer (Hardware - NetSec)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com
View more jobs