FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

p7zip -- usage of uninitialized memory

Affected packages
p7zip < 18.05

Details

VuXML ID 942fff11-5ac4-11ec-89ea-c85b76ce9b5a
Discovery 2018-05-02
Entry 2021-12-11

NVD reports:

Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.

References

CVE Name CVE-2018-10115
URL https://nvd.nist.gov/vuln/detail/CVE-2018-10115