Opened 6 years ago
Closed 6 years ago
#56425 closed defect (fixed)
p7zip: CVE-2018-10115: Arbitrary code execution via crafted RAR archives
| Reported by: | raimue (Rainer Müller) | Owned by: | l2dy (Zero King) |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | security | Cc: | |
| Port: | p7zip |
Description
A vulnerability was found in the code handling RAR archives in 7zip that allows to execute arbitrary code. This is likely also exploitable in p7zip @16.02. The bug has been fixed in the Windows variant of 7-Zip in version 18.05, but there was no new release for the p7zip code. No patches for p7zip are available as of this writing.
Change History (1)
comment:1 Changed 6 years ago by l2dy (Zero King)
| Owner: | set to l2dy |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Note: See
TracTickets for help on using
tickets.
In 67909febf1dafeaaea1196ea6f0803507f00c2fb/macports-ports (master):