Описание
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.
Ссылки
- Broken Link
- Third Party Advisory
- Broken Link
- Third Party Advisory
- ProductThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party Advisory
- Broken Link
- Third Party Advisory
- ProductThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 4.42 (включая)
Одно из
cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.43:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.44:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.45:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.46:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.47:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.48:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.49:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.50:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.51:beta:*:*:*:*:*:*
cpe:2.3:a:7-zip:7-zip:4.52:beta:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.16726
Средний
6.8 Medium
CVSS2
Дефекты
CWE-400
Связанные уязвимости
github
почти 4 года назад
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.
EPSS
Процентиль: 95%
0.16726
Средний
6.8 Medium
CVSS2
Дефекты
CWE-400