KLA10915 Arbitrary code execution vulnerability in 7-Zip

A heap-based-overflow was found in 7-Zip before 16.00. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HFS+ image. Technical details Vulnerability occurs in method...

CVE-2016-2334

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image...

CVE-2016-2334

The CVE-2016-2334 issue affects 7-Zip (and p7zip) before version 16.00. A heap-based overflow in NArchive::NHfs::CHandler::ExtractZlibFile can allow remote code execution via a crafted HFS+ image. Remediation observed in connected advisories is to upgrade to 16.02 (or newer) to fix CVE-2016-2334/...

CVE-2016-2334

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image...

p7zip -- heap overflow vulnerability

Cisco Talos reports: An exploitable heap overflow vulnerability exists in the NArchive::NHfs::CHandler::ExtractZlibFile method functionality of 7zip that can lead to arbitrary code execution...

7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0093 7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability May 10, 2016 CVE Number CVE-2016-2334 DESCRIPTION An exploitable heap overflow vulnerability exists in the NArchive::NHfs::CHandler::ExtractZlibFile method functionality of...