CVE-2007-4725

Published: May 9, 2007

Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.

MEDIUM
CVSS v2: 6.8

Status

DocFilters Release	Package	State	Justification	Comment
0.0.0.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.4	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.3	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.2	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.1.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.4	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.4.0	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.3	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.2.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.2	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
23.3	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
23.2.1	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’
23.2	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’
23.1	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’
22.4	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’

Severity score breakdown

References

NVD
MITRE