QwikSec

Security Database

CVE

CWE

Training

CVE-2018-5996

Published: Jan 31, 2018

Modified: Jan 10, 2025

PUBLISHED

Description

Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/

vdb-entry

https://0patch.blogspot.si/2018/02/two-interesting-micropatches-for-7-zip.html

https://github.com/p7zip-project/p7zip/issues/8

https://github.com/p7zip-project/p7zip/issues/32

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.