rpm package
suse/p7zip&distro=SUSE Linux Enterprise Desktop 12
pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-2335 | Hig | 8.8 | < 9.20.1-6.1 | 9.20.1-6.1 | Jun 7, 2016 | The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file. | |
| CVE-2015-1038 | — | < 9.20.1-3.2 | 9.20.1-3.2 | Jan 21, 2015 | p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. |
- affected < 9.20.1-6.1fixed 9.20.1-6.1
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
- CVE-2015-1038Jan 21, 2015affected < 9.20.1-3.2fixed 9.20.1-3.2
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.