Lucene search
MitreCVELIST:CVE-2022-29072HistoryApr 15, 2022 - 7:54 p.m.
CVE-2022-29072
2022-04-1519:54:15
mitre
www.cve.org
12
7-zip
windows
privilege escalation
command execution
7z.dll
heap overflow
EPSS
0.001
Percentile
49.9%
7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process. NOTE: multiple third parties have reported that no privilege escalation can occur
Related
hivepro
hivepro
What will be the consequence of this disputed vulnerability in 7-ZIP?
2022-04-26 12:22:45
Weekly Threat Digest: 18 – 24 April 2022
2022-04-27 12:44:38
prion
prion
Design/Logic Flaw
2022-04-15 20:15:00
githubexploit
githubexploit
Exploit for Heap-based Buffer Overflow in 7-Zip
2022-04-18 17:08:43
Exploit for Heap-based Buffer Overflow in 7-Zip
2022-12-20 15:30:12
Exploit for Heap-based Buffer Overflow in 7-Zip
2022-04-18 18:59:01
cve
cve
CVE-2022-29072
2022-04-15 20:15:12
exploitdb
exploitdb
7-zip - Code Execution / Local Privilege Escalation
2022-04-19 00:00:00
vulnrichment
vulnrichment
CVE-2022-29072
2022-04-15 19:54:15
packetstorm
packetstorm
7-Zip 21.07 Code Execution / Privilege Escalation
2022-04-19 00:00:00
kaspersky
kaspersky
KLA12514 PE vulnerability in 7-Zip
2022-04-15 00:00:00
zdt
zdt
7-zip - Code Execution / Local Privilege Escalation Exploit
2022-04-19 00:00:00
nvd
nvd
CVE-2022-29072
2022-04-15 20:15:12