Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2015-5663
Deferred
More InfoOfficial Page
Source-vultures@jpcert.or.jp
View Known Exploited Vulnerability (KEV) details
Published At-30 Dec, 2015 | 05:59
Updated At-12 Apr, 2025 | 10:46

The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.4HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.03.7LOW
AV:L/AC:H/Au:N/C:P/I:P/A:P
CPE Matches
RARLAB (WinRAR)
rarlab
>>winrar>>Versions up to 5.30(inclusive)
cpe:2.3:a:rarlab:winrar:*:beta_4:*:*:*:*:x64:*
RARLAB (WinRAR)
rarlab
>>winrar>>Versions up to 5.30(inclusive)
cpe:2.3:a:rarlab:winrar:*:beta_4:*:*:*:*:x86:*
Weaknesses
CWE IDTypeSource
CWE-264Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://jvn.jp/en/jp/JVN64636058/index.htmlvultures@jpcert.or.jp
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000199vultures@jpcert.or.jp
Vendor Advisory
http://www.securityfocus.com/bid/79666vultures@jpcert.or.jp
N/A
http://www.securitytracker.com/id/1034881vultures@jpcert.or.jp
N/A
http://jvn.jp/en/jp/JVN64636058/index.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000199af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/79666af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1034881af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found