A remote code execution vulnerability has been reported in WinRAR, exposing 500 million users to a possible attack. The vulnerability is due to improper handling of the relative path of a file in an ACE archive, which leads to directory traversal. A remote attacker could exploit this vulnerability by enticing a target user to open a maliciously crafted ACE file. Successful exploitation of the vulnerability could lead to arbitrary code execution in the context of the user.