NVD

Id
18572  
Name
CVE-2016-2335  
Description
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2016-06-07  
Modified Date
2016-12-14  
Seq
2016-2335  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
103002 18572 CVE-2016-2335 http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html  View
103003 18572 CVE-2016-2335 openSUSE-SU-2016:1464  View
103004 18572 CVE-2016-2335 openSUSE-SU-2016:1675  View
103005 18572 CVE-2016-2335 openSUSE-SU-2016:1850  View
103006 18572 CVE-2016-2335 DSA-3599  View
103007 18572 CVE-2016-2335 http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html  View
103008 18572 CVE-2016-2335 90531  View
103009 18572 CVE-2016-2335 1035876  View
103010 18572 CVE-2016-2335 http://www.talosintel.com/reports/TALOS-2016-0094/  View
103011 18572 CVE-2016-2335 FEDORA-2016-430bc0f808  View
103012 18572 CVE-2016-2335 FEDORA-2016-bbcb0e4eb4  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
2270 JVNDB-2016-003043 7zip の Archive/Udf/UdfIn.cpp の CInArchive::ReadFileItem メソッドにおけるサービス運用妨害 (DoS) の脆弱性 7zip の Archive/Udf/UdfIn.cpp の CInArchive::ReadFileItem メソッドには、サービス運用妨害 (境界外読み取り) 状態にされる、または任意のコードを実行される脆弱性が存在します。 CVE-2016-2335 88841 CVE-2016-2335 18572 6.8 8.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003043.html 2016-06-01 2016-06-10 View