CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
95.1%
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
7-zip | 7-zip | * | cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:* |
7-zip | 7-zip | 4.43 | cpe:2.3:a:7-zip:7-zip:4.43:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.44 | cpe:2.3:a:7-zip:7-zip:4.44:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.45 | cpe:2.3:a:7-zip:7-zip:4.45:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.46 | cpe:2.3:a:7-zip:7-zip:4.46:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.47 | cpe:2.3:a:7-zip:7-zip:4.47:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.48 | cpe:2.3:a:7-zip:7-zip:4.48:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.49 | cpe:2.3:a:7-zip:7-zip:4.49:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.50 | cpe:2.3:a:7-zip:7-zip:4.50:beta:*:*:*:*:*:* |
7-zip | 7-zip | 4.51 | cpe:2.3:a:7-zip:7-zip:4.51:beta:*:*:*:*:*:* |
akky.cjb.net/security/7-zip3.txt
jvn.jp/jp/JVN%2362868899/index.html
osvdb.org/40482
secunia.com/advisories/26624
sourceforge.net/project/shownotes.php?release_id=535160&group_id=14481
www.securityfocus.com/bid/25545
www.vupen.com/english/advisories/2007/3086
exchange.xforce.ibmcloud.com/vulnerabilities/36459