The host is installed with WinRAR through 5.60 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to properly handle the parsing of a crafted LHA / LZH archive formats. Successful exploitation allows attackers to perform arbitrary code execution in the context of the current user.