English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10823
Denial of service and arbitrary code execution vulnerabilities in 7-Zip
Updated: 06/03/2020
|
Detect date
?
|
06/01/2016 |
|
Severity
?
|
High |
|
Description
|
Improper processing of UDF files was found in 7zip. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via specially crafted UDF file. Technical details This vulnerability related to CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp. It can be exploited via specially formed PartitionRef field in the Long Allocation Descriptor in a UDF file. |
|
Affected products
|
7-Zip 9.20 |
|
Solution
|
Update to the latest version. |
|
Impacts
?
|
ACE [?] DoS [?] |
|
Related products
|
7-Zip |
|
CVE-IDS
?
|
|
| Find out the statistics of the vulnerabilities spreading in your region |