1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Dangerous 7-Zip flaws put many other software products at risk

Discussion in 'Network World' started by RSS, May 12, 2016.

  1. RSS

    RSS New Member Member

    Two vulnerabilities recently patched in 7-Zip could put at risk of compromise many software products and devices that bundle the open-source file archiving library.

    The flaws, an out-of-bounds read vulnerability and a heap overflow, were discovered by researchers from Cisco's Talos security team. They were fixed in 7-Zip 16.00, released Tuesday.

    The 7-Zip software can pack and unpack files using a large number of archive formats, including its own 7z format, which is more efficient than ZIP. Its versatility and open-source nature make it an attractive library to include in other software projects that need to process and deal with archived files.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page