WinRAR 7.13

1. Another directory traversal vulnerability, differing from that
     in WinRAR 7.12, has been fixed.

     When extracting a file, previous versions of WinRAR, Windows versions
     of RAR, UnRAR, portable UnRAR source code and UnRAR.dll can be tricked
     into using a path, defined in a specially crafted archive,
     instead of user specified path.

     Unix versions of RAR, UnRAR, portable UnRAR source code
     and UnRAR library, also as RAR for Android, are not affected.

     We are thankful to Anton Cherepanov, Peter Kosinar, and Peter Strycek
     from ESET for letting us know about this security issue.
  
  2. Bugs fixed:

     a) WinRAR 7.12 "Import settings from file" command failed to restore
        settings, saved by WinRAR versions preceding 7.12;

     b) WinRAR 7.12 set a larger than specified recovery size for compression
        profiles, created by WinRAR 5.21 and older.

Tout d'abord un test?

Télécharger rapidement votre 40 jours version d'essai gratuite de RAR ou WinRAR!

Télécharger le trial Disclaimer