Cisco Blogs
Share

Vulnerability Walkthrough: 7zip CVE-2016-2334 HFS+ Code Execution Vulnerability


November 30, 2017 - 0 Comments

This blog post was authored by Marcin Noga of Cisco Talos.

Introduction

In 2016 Talos released an advisory for CVE-2016-2334, which was a remote code execution vulnerability affecting certain versions of 7zip, a popular compression utility. In this blog post we will walk through the process of weaponizing this vulnerability and creating a fully working exploit that leverages it on Windows 7 x86 with the affected version of 7zip (x86 15.05 beta) installed.

Read More >>



In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.