The vulnerability is caused due to a boundary error in Dec2Rar.dll when copying data based on the length field in the sub-block headers of a RAR archive. This can be exploited to cause a heap-based buffer overflow and may allow arbitrary code execution when a malicious RAR archive is scanned.