SourceTree 7za Vulnerability.

2016-07-13T19:48:39
ID ATLASSIAN:SRCTREEWIN-5918
Type atlassian
Reporter gsackett
Modified 2019-12-05T05:09:35

Description

SourceTree Version 1.8.3 installs a 7za.exe (C:\Program Files (x86)\Atlassian\SourceTree\tools\7za.exe) in Version 9.20, which has known vulnerabilities: CVE-2016-2334 CVE-2016-2335

More information about the vulnerabilities: http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html