Unreal Commander 0.92 - ZIP / RAR Archive Handling Traversal Arbitrary File Overwrite
Author: Gynvael Coldwind
type: remote
platform: multiple
port:
date_added: 2007-08-23
date_updated: 2013-12-28
verified: 1
codes: CVE-2007-4545;OSVDB-39614
tags:
aliases:
screenshot_url:
application_url:
source: https://www.securityfocus.com/bid/25419/info
Unreal Commander is prone to multiple remote vulnerabilities when handling malformed ZIP and RAR archives. These vulnerabilities include a directory-traversal vulnerability, an information-disclosure vulnerability, and a filename-spoofing vulnerability.
An attacker can exploit these issues to compromise the affected computer, overwrite arbitrary files, and obtain sensitive information. Exploits of these issues may lead to other attacks.
Unreal Commander 0.92 (build 565) and 0.92 (build 573) are vulnerable; prior versions may also be affected.
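As an added defensive example (not taken from the advisory or from Unreal Commander's code), the following Python code shows the entry-name validation an archive extractor needs before writing any file, which is the check whose absence makes the traversal-based overwrite described above possible. The destination `/extract`, the function names, and the sample archive are constructed for illustration; treating `\` as a path separator is an assumption made because Windows extractors accept both separators.

```python
import io
import posixpath
import re
import zipfile

DRIVE = re.compile(r"^[A-Za-z]:")  # Windows drive prefix such as "C:"

def check_name(name, dest="/extract"):
    """Return a reason string if the entry name is unsafe, else None."""
    # Assumption: backslashes count as separators, as on Windows.
    norm = name.replace("\\", "/")
    if norm.startswith("/") or DRIVE.match(norm):
        return "absolute path"
    if ".." in norm.split("/"):
        return "parent-directory component"
    # Defence in depth: the joined path must stay under dest.
    target = posixpath.normpath(posixpath.join(dest, norm))
    if target != dest and not target.startswith(dest.rstrip("/") + "/"):
        return "escapes destination"
    return None

def audit_archive(data):
    """Map every unsafe entry name in a ZIP (given as bytes) to its reason."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            reason = check_name(info.filename)
            if reason:
                findings[info.filename] = reason
    return findings

def build_sample():
    """Constructed test archive: two benign names, three unsafe ones."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ["readme.txt", "docs/notes.txt", "../../outside.txt",
                     "..\\..\\outside2.txt", "C:/temp/outside3.txt"]:
            zf.writestr(name, b"constructed sample")
    return buf.getvalue()

if __name__ == "__main__":
    for name, reason in audit_archive(build_sample()).items():
        print(f"REJECT {name!r}: {reason}")
```

An extractor should run this check on every entry and refuse the archive, or skip the entry, before creating any file on disk.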
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30521-1.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30521-2.zip