Searching
..

Click anywhere to stop

KLA11190
Multiple vulnerabilities in 7-Zip

Обновлено: 22/01/2024
Дата обнаружения
30/01/2018
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in 7-Zip. Malicious users can exploit these vulnerabilities to cause denial of service and possibly to execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Memory corruption vulnerabilities in RAR3 handler can be exploited remotely via specially crafted RAR archive to cause denial of service and possibly to execute arbitrary code;
  2. A heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method can be exploited remotely via specially crafted ZIP archive to cause denial of service and possibly to execute arbitrary code
Пораженные продукты

7-Zip earlier than 18.01

Решение

Update to the latest version
Download 7-Zip

Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
7-Zip
CVE-IDS
Узнай статистику распространения уязвимостей в твоем регионе