KLA11240
Critical vulnerability in 7-Zip
Updated: 05/05/2018
CVSS
?
10.0
Detect date
?
05/02/2018
Severity
?
Critical
Description

A critical vulnerability was found in 7-Zip. By exploiting this vulnerability malicious users can cause denial or service or execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted RAR archive.

NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.

Affected products

7-Zip versions earlier than 18.03

Solution

Update to the latest version
7-Zip Download

Original advisories

7-Zip Discussion

Impacts
?
ACE 
[?]

DoS 
[?]
Related products
7-Zip (MSI installer)
7-Zip
CVE-IDS
?

CVE-2018-10115