CVE-2016-2334

🗓️ 13 Dec 2016 22:00:00Reported by certccType

cve

cve🔗 web.nvd.nist.gov👁 136 Views

Heap-based buffer overflow in NArchive::NHfs::CHandler::ExtractZlibFile metho

Reporter	Title	Published	Views	Family All 31
Tenable Nessus	7-Zip < 16.00 Multiple Vulnerabilities	19 May 201600:00	–	nessus
Tenable Nessus	Fedora 23 : p7zip (2016-430bc0f808)	2 Aug 201600:00	–	nessus
Tenable Nessus	Fedora 24 : p7zip (2016-bbcb0e4eb4)	21 Jul 201600:00	–	nessus
Tenable Nessus	FreeBSD : p7zip -- heap overflow vulnerability (a9bcaf57-4a7b-11e6-97f7-5453ed2e2b49)	18 Jul 201600:00	–	nessus
Tenable Nessus	GLSA-201701-27 : 7-Zip: Multiple vulnerabilities	12 Jan 201700:00	–	nessus
FreeBSD	p7zip -- heap overflow vulnerability	11 May 201600:00	–	freebsd
ArchLinux	p7zip: arbitrary code execution	18 May 201600:00	–	archlinux
Atlassian	SourceTree 7za Vulnerability.	13 Jul 201619:48	–	atlassian
Atlassian	SourceTree 7za Vulnerability.	13 Jul 201619:48	–	atlassian
Circl	CVE-2016-2334	30 Nov 201717:49	–	circl

NVD

Node

7-zip 7-zipRange≤15.14

Node

fedoraproject fedoraMatch23

OR

fedoraproject fedoraMatch24

Node

Source	Link
blog	www.blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNYIQAU3FKFBNFPK6GKYTSVRHQA7PTYT/
securityfocus	www.securityfocus.com/bid/90531
talosintel	www.talosintel.com/reports/TALOS-2016-0093/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTGWICT3KYYDPDXRNO5SXD32GZICGRIR/
security	www.security.gentoo.org/glsa/201701-27
oracle	www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
securitytracker	www.securitytracker.com/id/1035876
blog	www.blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html

06 May 2026 22:30Current

8High risk

Vulners AI Score8

CVSS 37.8

CVSS 29.3

EPSS0.16299

cve-2016-2334 7zip p7zip buffer overflow narchive nhfs chandler extractzlibfile remote code execution hfs+ image nvd