High severity 8.4 · NVD Advisory · Published Jul 3, 2024 · Updated Apr 15, 2026
CVE-2023-52168
Description
The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc.
Affected products (20)
osv-coords, 19 versions:
- pkg:rpm/opensuse/p7zip&distro=openSUSE%20Leap%2015.5 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/opensuse/p7zip&distro=openSUSE%20Leap%2015.6 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Enterprise%20Storage%207.1 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE) range: < 9.20.1-7.6.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE) range: < 9.20.1-7.6.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Manager%20Proxy%204.3 (no CPE) range: < 16.02-150200.14.12.1
- pkg:rpm/suse/p7zip&distro=SUSE%20Manager%20Server%204.3 (no CPE) range: < 16.02-150200.14.12.1
Patches
Vulnerability mechanics
References (5)
News mentions (0)
No linked articles in our index yet.