cve/2018/CVE-2018-20252.md

### [CVE-2018-20252](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20252)
![](https://img.shields.io/static/v1?label=Product&message=WinRAR&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-787%3A%20Out-of-bounds%20Write&color=brighgreen)

### Description

In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.

### POC

#### Reference
- https://research.checkpoint.com/extracting-code-execution-from-winrar/

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/DanielEbert/winafl
- https://github.com/Team-BT5/WinAFL-RDP
- https://github.com/bacon-tomato-spaghetti/WinAFL-RDP
- https://github.com/googleprojectzero/winafl
- https://github.com/hardik05/winafl-powermopt
- https://github.com/pranav0408/WinAFL
- https://github.com/ssumachai/CS182-Project
- https://github.com/v3nt4n1t0/DetectWinRARaceVulnDomain.ps1
- https://github.com/yrime/WinAflCustomMutate