CVE-2007-4725

Published Sep 5, 2007

Last updated 4 years ago

Overview

Description: Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-400

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4781BF9-2A59-412C-BF69-E707EDD06383",
            "versionEndIncluding": "4.42"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.43:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3071CC75-581A-4A34-A354-4ECA2C2ADD55"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.44:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF85486D-6F16-4BD7-A318-8E80EF3E1E93"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.45:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED9B7457-2349-4FF5-BE09-AB5E4E618B96"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.46:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B2E0E16-AC01-4D34-A145-1510DA0DE4F9"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.47:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53C18BF5-D237-4BBE-B008-84C2CF81FBAF"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.48:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AC41507-1413-4224-8DCB-B96469087564"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.49:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BB31556-1D8C-4C98-9013-605DE461FB1F"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.50:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F0851E8-0C8A-48C6-B519-1A2CFD500B8A"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.51:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56A6D1EC-4605-43F0-9290-380168627D5F"
          },
          {
            "criteria": "cpe:2.3:a:7-zip:7-zip:4.52:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56A4F4D2-C4E7-4240-8938-C695586CFE93"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References