KLA10823
Denial of service and arbitrary code execution vulnerabilities in 7-Zip

Обновлено: 03/06/2020
Дата обнаружения
01/06/2016
Уровень угрозы
High
Описание

Improper processing of UDF files was found in 7zip. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via specially crafted UDF file.


Technical details

This vulnerability related to CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp. It can be exploited via specially formed PartitionRef field in the Long Allocation Descriptor in a UDF file.

Пораженные продукты

7-Zip 9.20
7-Zip 15.05 beta

Решение

Update to the latest version.
Get 7-Zip

Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
7-Zip
CVE-IDS
Узнай статистику распространения уязвимостей в твоем регионе