Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.
References
Link | Resource |
---|---|
http://jvn.jp/jp/JVN%2362868899/index.html | Third Party Advisory |
http://sourceforge.net/project/shownotes.php?release_id=535160&group_id=14481 | Product Third Party Advisory |
http://akky.cjb.net/security/7-zip3.txt | Broken Link |
http://secunia.com/advisories/26624 | Third Party Advisory |
http://www.securityfocus.com/bid/25545 | Third Party Advisory VDB Entry |
http://osvdb.org/40482 | Broken Link |
http://www.vupen.com/english/advisories/2007/3086 | Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/36459 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2007-09-05 12:17
Updated : 2020-09-17 06:38
NVD link : CVE-2007-4725
Mitre link : CVE-2007-4725
JSON object : View
CWE
CWE-400
Uncontrolled Resource Consumption
Products Affected
7-zip
- 7-zip