#VU12820 Improper check or handling of exceptional conditions in 7-Zip - CVE-2018-5996

Cybersecurity Help s.r.o.

Published: 2018-05-18

Vulnerability identifier: #VU12820

Vulnerability risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-5996

CWE-ID: CWE-703

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
7-Zip
Client/Desktop applications / Software for archiving

Vendor: 7-zip.org

Description
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the method NCompress::NRar3::CDecoder::Code due to insufficient exception handling. A remote attacker can trickt eh victim into opening a specially crafted RAR file, trigger multiple memory corruptions within the PPMd code and cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Update to version 18.00.

Vulnerable software versions

7-Zip: 15.05 - 17.01

External links
https://sourceforge.net/p/sevenzip/discussion/45797/thread/628149a0/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

openEuler 20.03 LTS SP2 update for p7zip

Improper check or handling of exceptional conditions in linux-firmware (Alpine package)

Remote code execution in 7-zip