-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                   AUSCERT Security Bulletin ASB-2016.0056
      Cisco Talos has discovered two vulnerabilities in 7-zip prior to
                               version 16.00
                                16 May 2016
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              7-zip
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2016-2335 CVE-2016-2334
Member content until: Wednesday, June 15 2016

OVERVIEW

        Cisco Talos has discovered two vulnerabilities in 7-zip prior to
        version 16.00. [1]

IMPACT

        Cisco Talos has provided the following details regarding the
        vulnerabilities:

        "TALOS-CAN-0094, Out-of-Bounds Read Vulnerability, [CVE-2016-2335]

        An out-of-bounds read vulnerability exists in the way 7-Zip handles
        Universal Disk Format (UDF) files. The UDF file system was meant to
        replace the ISO-9660 file format, and was eventually adopted as the
        official file system for DVD-Video and DVD-Audio." [1]

        "TALOS-CAN-0093, Heap Overflow Vulnerability, [CVE-2016-2334]

        An exploitable heap overflow vulnerability exists in the
        Archive::NHfs::CHandler::ExtractZlibFile method functionality of
        7-Zip. In the HFS+ file system, files can be stored in compressed
        form using zlib. There are three different ways of keeping data in
        that form depending on the size of the data. Data from files whose
        compressed size is bigger than 3800 bytes is stored in a resource
        fork, split into blocks." [1]

MITIGATION

        7-zip has released version 16.00 and Cisco Talos urges 7-zip users
        to update to that non-vulnerable version. [1]

REFERENCES

        [1] Multiple 7-Zip Vulnerabilities Discovered by Talos
            http://blog.talosintel.com/2016/05/multiple-7-zip-vulnerabilities.html

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision
to follow or act on information or advice contained in this security
bulletin is the responsibility of each user or organisation, and should be
considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVzkmfn6ZAP0PgtI9AQIuVhAArmRzgDeNOem9v4U1y9CSaiuT1BO9WHn9
FeaBFmL1Z2GElg+QJK4xWef7+XFQ1szSyDXUXvbwxRyW7WJPqKrhmpSZsyK1mQfp
4vheu55Xje3rcLiiQMLIrUlHyEWSU3NsXPcxR0OVeh/I5Be7+o7HDQRgyFig7zNw
Z1R025PysQZscMDLWIoRSrmdtkirUKZAF7AJdVD43XphWbthBvqr/YqGNjITJG1j
kgZ5/g5WFP/uxTZZu2l7FkAyxYAFzl/0Ea1hy7hNDZZKWKcoHF9L7T6lOzOSOoEd
L7XCdDCZIif/1rVcN67s1VzkHcEkJN/Fx1MfTcGtChmWKxp4j97OEmHXwSuBXs2L
crT/FH7IDPGwAA94Yu2TH0WEzHFowU/WcLtnVqYnbgfFy9ON+vntYglsXzuoTVmk
TUiQF74Lw0GgHJ1II7ytXZfI8v+noMzS9wiP0FUOtq4LoXD30QcP9gW3pAeufDUi
wd8saUF94yqdms2bCZeNnyeoMVev4CbmyNuLOZnFfceW6/0GrMZiFGPDTT+3ndF3
nvYDLXPhTaQUTQgvkvVmW17IsctZyxofRYidz1UJQB+RVQijbcoMxMNVuPdI54Bq
CpZECDOuODRPFdYKz0h5l4UZ3fKhoksusdFjDuI9kdI92PFZ+pbBKpDrpQoPsYyB
IK0aM/Fedtg=
=vKDA
-----END PGP SIGNATURE-----
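The MITIGATION section above gives one actionable fact: any 7-Zip release before 16.00 is affected by CVE-2016-2334 and CVE-2016-2335. The script below is an added example (it is not part of the AusCERT bulletin and not 7-Zip's own code) showing how to turn that threshold into a fleet triage: it parses the version out of the banner line that the `7z` command-line tool prints on every invocation, compares versions numerically rather than as strings (a plain string compare ranks "9.20" above "16.00"), and classifies each host as vulnerable, patched or unknown. The inventory lines, host names and release dates in `SAMPLE_INVENTORY` are constructed for the example; the banner layout is assumed from the 7-Zip CLI output and should be checked against the builds in your environment.

```python
import re
from typing import Dict, Iterable, Optional, Tuple

# First 7-Zip release that fixes CVE-2016-2334 and CVE-2016-2335
# (from the advisory: "prior to version 16.00" is affected).
FIXED_VERSION: Tuple[int, int] = (16, 0)

# Assumed banner layout of the 7z CLI, e.g.
#   "7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21"
#   "7-Zip (a) [64] 9.20  Copyright (c) 1999-2010 Igor Pavlov  2010-11-18"
_BANNER_RE = re.compile(r"^7-Zip(?:\s+\([a-z]+\))?(?:\s+\[\d+\])?\s+(\d+)\.(\d+)")
# A bare version string such as "9.20", "16.00" or "16.02 beta".
_BARE_RE = re.compile(r"^(\d+)\.(\d+)(?:\D.*)?$")


def parse_version(text: str) -> Optional[Tuple[int, int]]:
    """Return (major, minor) from a 7z banner or bare version string, or None.

    The minor part is parsed as an integer, so "16.00" and "16.0" both
    become (16, 0); that is what makes the numeric comparison below work.
    """
    m = _BANNER_RE.match(text.strip()) or _BARE_RE.match(text.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)))


def is_vulnerable(version: Tuple[int, int]) -> bool:
    """True for every release before 16.00.

    Tuple comparison orders numerically: (9, 20) < (16, 0) is True, whereas
    the string comparison "9.20" < "16.00" is False.
    """
    return version < FIXED_VERSION


def triage_inventory(lines: Iterable[str]) -> Dict[str, str]:
    """Map host -> 'vulnerable' | 'patched' | 'unknown'.

    Each input line is "<host><TAB><first line of `7z` output>". Lines that
    are empty or start with '#' are skipped. A host whose banner cannot be
    parsed is reported as 'unknown' rather than silently treated as patched.
    """
    results: Dict[str, str] = {}
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        host, _, banner = line.partition("\t")
        version = parse_version(banner)
        if version is None:
            results[host] = "unknown"
        else:
            results[host] = "vulnerable" if is_vulnerable(version) else "patched"
    return results


# Constructed sample inventory (hypothetical hosts, dates illustrative):
# one line per host, host name, a tab, then the captured 7z banner line.
SAMPLE_INVENTORY = """\
ws-01\t7-Zip [64] 9.20  Copyright (c) 1999-2010 Igor Pavlov  2010-11-18
ws-02\t7-Zip [64] 15.14 : Copyright (c) 1999-2015 Igor Pavlov : 2015-12-31
ws-03\t7-Zip [64] 16.00 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-10
ws-04\t7-Zip (a) [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
ws-05\t7z: command not found
"""

if __name__ == "__main__":
    for host, status in sorted(triage_inventory(SAMPLE_INVENTORY.splitlines()).items()):
        print(f"{host}\t{status}")
```

In practice the inventory file would be produced by running `7z` (or reading the installed version from the package database) on each host and collecting the first line of output; the point of the example is the comparison step, where the "unknown" bucket is kept separate so that hosts where the tool could not be found or the banner has changed are followed up rather than counted as patched.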