Download
| Alert*
|
oval:org.secpod.oval:def:602146
p7zip is installed oval:org.secpod.oval:def:1800837 p7zip is installed oval:org.secpod.oval:def:1800836 A null pointer dereference bug affects the current and many old versions of p7zip. It is because the lack of check for the array variable folders.PackPositions after a loop of initialization. Reference: oval:org.secpod.oval:def:602136 Alexander Cherepanov discovered that p7zip is susceptible to a directory traversal vulnerability. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current director ... oval:org.secpod.oval:def:70165 p7zip: 7z file archiver with high compression ratio p7zip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:602532 Marcin "Icewall" Noga of Cisco Talos discovered an out-of-bound read vulnerability in the CInArchive::ReadFileItem method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitra ... oval:org.secpod.oval:def:603258 "landave" discovered a heap-based buffer overflow vulnerability in the NCompress::NShrink::CDecoder::CodeReal method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary co ... oval:org.secpod.oval:def:704835 p7zip: 7z file archiver with high compression ratio p7zip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:53242 "landave" discovered a heap-based buffer overflow vulnerability in the NCompress::NShrink::CDecoder::CodeReal method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary co ... |
