Vulnerability Database
299,759
Total vulnerabilities in the database
CVE-2016-2334
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
| Software | From | Fixed in |
|---|---|---|
| 7-zip / 7-zip | - | 15.14.x |
| fedoraproject / fedora | 24 | 24.x |
| fedoraproject / fedora | 23 | 23.x |
| oracle / solaris | - | - |
- http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html
- http://blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
- http://www.securityfocus.com/bid/90531
- http://www.securitytracker.com/id/1035876
- http://www.talosintel.com/reports/TALOS-2016-0093/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNYIQAU3FKFBNFPK6GKYTSVRHQA7PTYT/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTGWICT3KYYDPDXRNO5SXD32GZICGRIR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNYIQAU3FKFBNFPK6GKYTSVRHQA7PTYT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTGWICT3KYYDPDXRNO5SXD32GZICGRIR/
- https://security.gentoo.org/glsa/201701-27
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime