Remote Code Execution Vulnerability in 7-Zip by Igor Pavlov
CVE-2008-6536

Currently unrated

Key Information:

Vendor: 7-zip
Status: 7-zip
Vendor: CVE Published:; 30 March 2009

Summary

7-Zip, a widely used file archiving software, contains a vulnerability that may be exploited by attackers to execute arbitrary code remotely. This weakness exists in versions prior to 4.5.7 and has been identified during testing conducted by the PROTOS GENOME test suite for archive formats. Attackers could potentially leverage this vulnerability to manipulate the behavior of the software, posing significant risks to users and systems utilizing affected versions.

References

http://www.vupen.com/english/advisories/2008/0914/references

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/29434

third-party-advisoryx_refsource_SECUNIA

http://www.cert.fi/haavoittuvuudet/joint-advisory-archive...

x_refsource_MISC

Timeline

Vulnerability published
Mar 30, 2009
Vulnerability Reserved
Mar 29, 2009