VDB

CVE-2023-52169

CVE-2023-52169 PUBLISHED CVSS 8.199999809265137 HIGH

The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image.

EPSS 0.18% · 39.5th percentile

Risk Scores

CVSS 3.1
8.199999809265137
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:F/RL:O/RC:C
EPSS Score
0.18%
39.5th percentile

Affected Products

VendorProductVersions
ABBABB 800xA for AC 870P Melody <=6.2
ABBABB Batch Management <=6.2
ABBABB 800xA for Symphony Plus Harmony <=6.2
ABBABB 800xA History <=7.0
ABBABB Production Response Batch History <=6.2
ABBABB Application Change Management <=6.2

Exploit Intelligence

…and 7 more exploits

Timeline

  • Jul 3, 2024 CVE Published
  • Jul 4, 2024 EPSS Score
  • Jul 5, 2024 PoC Published
  • Jul 26, 2024 EPSS Score
  • Aug 17, 2024 EPSS Score
  • Sep 9, 2024 EPSS Score
  • Oct 1, 2024 EPSS Score
  • Oct 5, 2024 Coalition ESS Score
  • Oct 23, 2024 EPSS Score
  • Nov 14, 2024 EPSS Score
  • Dec 7, 2024 EPSS Score
  • Dec 30, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›