User interaction is required to exploit this vulnerability because the target must visit a malicious page or open a malicious file. ![]() The Zero Day Initiative writes that this vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. CVE-2023-31102ĬVE-2023-31102 is a 7Z File Parsing Integer Underflow Remote Code Execution vulnerability in 7-Zip that has been assigned a CVE score of 7.8 (i.e., risk is high). Two serious vulnerabilities were published by the Zero-Day-Initiative. German blog reader Ralf had pointed out later, that vulnerabilities in the packing program 7-ZIP has became publicin the discussion area – and Stefan Kanthak also sent me a mail with hints (thanks for that). ![]() ![]() I had reported about a vulnerability in WinRAR in the blog post WinRAR Code Execution Vulnerability CVE-2023-40477 at the end of August.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |