Heap-based Buffer Overflow in 7-Zip and p7zip ZIP Archive Processing

Heap-based Buffer Overflow in 7-Zip and p7zip ZIP Archive Processing

CVE-2017-17969 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.

Learn more about our Web Application Penetration Testing UK.