Added: 06/09/2006
CVE: CVE-2005-3051
BID: 14925
OSVDB: 19639
7-Zip is a free file archiver for Windows platforms.
A buffer overflow vulnerability in 7-Zip could allow code execution when a specially crafted ARJ file is opened.
Upgrade to 7-Zip 4.27 beta or higher.
<http://secunia.com/secunia_research/2005-45/advisory/>
Exploit works on 7-Zip 4.23. Successful exploitation requires a user to download and open the exploit file in 7-Zip.
Execution of this exploit requires the Digest::CRC PERL module. On Linux systems this is typically found in a package named such as libdigest-crc-perl or perl-Digest-CRC.
Windows