TROYANOSYVIRUS
Voltar para CVEs

CVE-2016-2334

N/A

Descricao

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.

Detalhes CVE

Pontuacao CVSS v3.1N/A
Publicado12/13/2016
Ultima modificacao5/6/2026
Fontenvd
Avistamentos honeypot0

Produtos afetados

7-zip:7-zipfedoraproject:fedoraoracle:solaris

Fraquezas (CWE)

CWE-119

Referencias

http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html(cret@cert.org)
http://blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.html(cret@cert.org)
http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html(cret@cert.org)
http://www.securityfocus.com/bid/90531(cret@cert.org)
http://www.securitytracker.com/id/1035876(cret@cert.org)
http://www.talosintel.com/reports/TALOS-2016-0093/(cret@cert.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNYIQAU3FKFBNFPK6GKYTSVRHQA7PTYT/(cret@cert.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTGWICT3KYYDPDXRNO5SXD32GZICGRIR/(cret@cert.org)
https://security.gentoo.org/glsa/201701-27(cret@cert.org)
http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html(af854a3a-2127-422b-91ae-364da2661108)
http://blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/90531(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1035876(af854a3a-2127-422b-91ae-364da2661108)
http://www.talosintel.com/reports/TALOS-2016-0093/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNYIQAU3FKFBNFPK6GKYTSVRHQA7PTYT/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTGWICT3KYYDPDXRNO5SXD32GZICGRIR/(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201701-27(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.