Opened 4 years ago

Closed 3 years ago

#56425 closed defect (fixed)

p7zip: CVE-2018-10115: Arbitrary code execution via crafted RAR archives

Reported by: raimue (Rainer Müller) Owned by: l2dy (Zero King)
Priority: Normal Milestone:
Component: ports Version:
Keywords: security Cc:
Port: p7zip

Description

A vulnerability was found in the code handling RAR archives in 7zip that allows to execute arbitrary code. This is likely also exploitable in p7zip @16.02. The bug has been fixed in the Windows variant of 7-Zip in version 18.05, but there was no new release for the p7zip code. No patches for p7zip are available as of this writing.

Change History (1)

comment:1 Changed 3 years ago by l2dy (Zero King)

Owner: set to l2dy
Resolution: fixed
Status: newclosed

In 67909febf1dafeaaea1196ea6f0803507f00c2fb/macports-ports (master):

p7zip: Fix CVE-2018-10115

Fixes: #56425

Note: See TracTickets for help on using tickets.