Описание
Multiple serious vulnerabilities have been found in 7-Zip. Malicious users can exploit these vulnerabilities to cause denial of service and possibly to execute arbitrary code.
Below is a complete list of vulnerabilities:
- Memory corruption vulnerabilities in RAR3 handler can be exploited remotely via specially crafted RAR archive to cause denial of service and possibly to execute arbitrary code;
- A heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method can be exploited remotely via specially crafted ZIP archive to cause denial of service and possibly to execute arbitrary code
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2017-17969 high
- CVE-2018-5996 high
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!