PT-2007-5881 · Akky+2 · Akkywarehouse+1
Akky
·
Publicado
2007-09-05
·
Atualizado
2020-09-17
·
CVE-2007-4725
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
AkkyWareHOUSE versions prior to 4.42.00.04
Description:
The issue allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow. This occurs due to a stack consumption vulnerability in the 7-zip32.dll component.
Recommendations:
For versions prior to 4.42.00.04, update to version 4.42.00.04 or later to resolve the issue. As a temporary workaround, consider avoiding the use of long filenames in archives to minimize the risk of exploitation.
Exploit
Correção
Resource Exhaustion
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
7-Zip
Akkywarehouse