rpm package
suse/p7zip&distro=SUSE Linux Enterprise Server 12 SP2
pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-5996 | Hig | 7.8 | < 9.20.1-7.3.1 | 9.20.1-7.3.1 | Jan 31, 2018 | Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a c | |
| CVE-2017-17969 | Hig | 7.8 | < 9.20.1-7.3.1 | 9.20.1-7.3.1 | Jan 30, 2018 | Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | |
| CVE-2016-1372 | Med | 5.5 | < 9.20.1-7.3.1 | 9.20.1-7.3.1 | Oct 3, 2016 | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file. |
- affected < 9.20.1-7.3.1fixed 9.20.1-7.3.1
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a c
- affected < 9.20.1-7.3.1fixed 9.20.1-7.3.1
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
- affected < 9.20.1-7.3.1fixed 9.20.1-7.3.1
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.