CVE-2016-2334
CVE-2016-2334
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.htmlhttp://blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNYIQAU3FKFBNFPK6GKYTSVRHQA7PTYT/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTGWICT3KYYDPDXRNO5SXD32GZICGRIR/https://security.gentoo.org/glsa/201701-27http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.htmlhttp://www.securityfocus.com/bid/90531http://www.securitytracker.com/id/1035876http://www.talosintel.com/reports/TALOS-2016-0093/