all InfoSec news
Exploring winrar vulnerability (CVE-2023-38831)
Malware Analysis, News and Indicators - Latest topics malware.news
Authored by Neil Tyagi
On 23 August 2023, NIST disclosed a critical RCE vulnerability CVE-2023-38831. It is related to an RCE vulnerability in WinRAR before version 6.23. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the harmless file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. …
archive august critical cve file folder issue jpg may name neil nist rce version vulnerability winrar zip