KLA10915
Arbitrary code execution vulnerability in 7-Zip
Обновлено: 17/06/2019
Дата обнаружения
16/12/2016
Уровень угрозы
Critical
Описание

A heap-based-overflow was found in 7-Zip before 16.00. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HFS+ image.


Technical details

Vulnerability occurs in method NArchive::NHfs::CHandler::ExtractZlibFile.

Пораженные продукты

7-Zip before 16.00

Решение

Update to the latest version
Download 7-Zip

Оказываемое влияние
?
ACE 
[?]
Связанные продукты
7-Zip
CVE-IDS
CVE-2016-23349.3Critical