VDB
DEBIAN-CVE-2023-52168
DEBIAN-CVE-2023-52168
PUBLISHED
CVSS 8.399999618530273 HIGH
The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc.
Risk Scores
CVSS 3.1
8.399999618530273
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | p7zip | 16.02+dfsg-8, 16.02+transitional.1, 16.02+transitional.1 |
| Debian:14 | 7zip | 0, 0, 0 |
| Debian:12 | 7zip | 0, 22.01+dfsg-8, 0 |
| Debian:12 | p7zip | 16.02+transitional.1, 16.02+dfsg-8, 16.02+transitional.1 |
| Debian:13 | p7zip | 0, 0, 0 |
| Debian:13 | 7zip | 0, 0, 0 |
Timeline
- Jul 3, 2024 CVE Published
- May 16, 2026 CVE Updated