High severity7.8NVD Advisory· Published Dec 13, 2016· Updated Jun 17, 2026
CVE-2016-2334
CVE-2016-2334
Description
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
9- www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.htmlnvdPatchThird Party Advisory
- blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.htmlnvdExploitThird Party Advisory
- www.talosintel.com/reports/TALOS-2016-0093/nvdExploitThird Party Advisory
- www.securityfocus.com/bid/90531nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1035876nvdThird Party AdvisoryVDB Entry
- blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.htmlnvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNYIQAU3FKFBNFPK6GKYTSVRHQA7PTYT/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTGWICT3KYYDPDXRNO5SXD32GZICGRIR/nvd
- security.gentoo.org/glsa/201701-27nvd
News mentions
0No linked articles in our index yet.