Описание
Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA, as used in products including Turbo Searcher, allows remote attackers to execute arbitrary code via a large ARJ block.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:igor_pavlov:7-zip:3.13:*:*:*:*:*:*:*
cpe:2.3:a:igor_pavlov:7-zip:4.23:*:*:*:*:*:*:*
cpe:2.3:a:igor_pavlov:7-zip:4.26_beta:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.14856
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA, as used in products including Turbo Searcher, allows remote attackers to execute arbitrary code via a large ARJ block.
EPSS
Процентиль: 94%
0.14856
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119