16 matches found
CVE-2022-47069
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer overflow; at most an out-of-bounds read can occur...
CVE-2022-47069
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer overflow; at most an out-of-bounds read can occur...
Heap overflow
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp...
CVE-2022-47069
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer overflow; at most an out-of-bounds read can occur...
CVE-2022-47069
CVE-2022-47069 affects p7zip 16.02, with a heap-buffer-overflow in NArchive::NZip::CInArchive::FindCd(bool) (ZipIn.cpp). Several connected sources reiterate this vulnerability and reference a patch path via updates to p7zip (e.g., p7zip 16.02 packages in Amazon Linux Alpine advisories and CNVS re...
CVE-2022-47069
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer overflow; at most an out-of-bounds read can occur...
CVE-2022-47069
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer overflow; at most an out-of-bounds read can occur...
7zip UDF CInArchive::ReadFileItem Code Execution Vulnerability(CVE-2016-2335)
Summary An out of bound read vulnerability exists in the CInArchive::ReadFileItem method functionality of 7zip for handling UDF files that can lead to denial of service or code execution. Tested Versions 7-Zip 32 15.05 beta 7-Zip 64 9.20 Product URLs http://www.7-zip.org/ Details...
openSUSE Security Update : p7zip (openSUSE-2016-890)
fix 7zip UDF CInArchive::ReadFileItem code execution vulnerability boo979823,CVE-2016-2335 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-890. The text description of this plugi...
p7zip -- Null pointer dereference
MITRE reports: A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams, as used in the 7z.so library and in 7z applications, will cause a crash and a...
SUSE SLED12 / SLES12 Security Update : p7zip (SUSE-SU-2016:1593-1)
This update for p7zip fixes the following issues : - add p7zip-9.20.1-CVE-2016-2335.patch to fix 7zip UDF CInArchive::ReadFileItem code execution vulnerability bsc979823, CVE-2016-2335 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
7Zip UDF CInArchive::ReadFileItem Code Execution Vulnerability
7Zip is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:7-zip:7-zip"; ifdescription...
[SECURITY] [DSA 3599-1] p7zip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3599-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 09, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3599-1 (p7zip - security update)
Marcin Icewall Noga of Cisco Talos discovered an out-of-bound read vulnerability in the CInArchive::ReadFileItem method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of...
CVE-2016-2335
7-Zip/p7zip vulnerability CVE-2016-2335 affects the CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp for 7zip 9.20 and 15.05 beta, enabling out-of-bounds read and potential code execution via the PartitionRef in the Long Allocation Descriptor of a UDF file. Connected advisories confirm a ...
7zip UDF CInArchive::ReadFileItem Code Execution Vulnerability
Summary An out of bound read vulnerability exists in the CInArchive::ReadFileItem method functionality of 7zip for handling UDF files that can lead to denial of service or code execution. Tested Versions 7-Zip 32 15.05 beta 7-Zip 64 9.20 Product URLs http://www.7-zip.org/ Details...