WinRAR 有漏洞

本帖最後由 鴨仔 於 2019-2-24 14:02 編輯

Nadav Grossman from Check Point Software Technologies informed us
      about a security vulnerability in UNACEV2.DLL library.
      Aforementioned vulnerability makes possible to create files
      in arbitrary folders inside or outside of destination folder
      when unpacking ACE archives.

      WinRAR used this third party library to unpack ACE archives.
      UNACEV2.DLL had not been updated since 2005 and we do not have access
      to its source code. So we decided to drop ACE archive format support
      to protect security of WinRAR users.

      We are thankful to Check Point Software Technologies for reporting
      this issue.

請升級到5.7 Beta 1或之後版本
https://rarlab.com/download.htm

ACE archive format 係咩黎,有咩用?

TOP

ACE archive format 係咩黎,有咩用?
TH30 發表於 24/2/2019 12:34

DOS 和 dial-up modem BBS 年代的嘢了.....
大家應該用 7-zip 吧? 可解 ACE!

TOP