QwikSec

Security Database

CVE

CWE

Training

CVE-2016-2335

Published: Jun 7, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2016:1850

vendor-advisory

x_refsource_SUSE

FEDORA-2016-bbcb0e4eb4

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2016:1464

vendor-advisory

x_refsource_SUSE

http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html

x_refsource_MISC

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2016:1675

vendor-advisory

x_refsource_SUSE

http://www.talosintel.com/reports/TALOS-2016-0094/

x_refsource_MISC

vendor-advisory

x_refsource_DEBIAN

http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html

x_refsource_CONFIRM

FEDORA-2016-430bc0f808

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.