{"uuid": "62601975-93ef-4aeb-8789-39939f91088c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-17969", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1211", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2017-17969\n\ud83d\udd39 Description: Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.\n\ud83d\udccf Published: 2018-01-30T16:00:00\n\ud83d\udccf Modified: 2025-01-10T18:53:24.022953Z\n\ud83d\udd17 References:\n1. https://www.debian.org/security/2018/dsa-4104\n2. https://lists.debian.org/debian-lts-announce/2018/02/msg00003.html\n3. https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/\n4. http://www.securitytracker.com/id/1040831\n5. https://0patch.blogspot.si/2018/02/two-interesting-micropatches-for-7-zip.html\n6. https://usn.ubuntu.com/3913-1/\n7. https://github.com/p7zip-project/p7zip/issues/7", "creation_timestamp": "2025-01-10T19:06:55.000000Z"}