Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-31102

Date: November 2, 2023

Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.

Severity Score

Related Resources (7)

https://nvd.nist.gov/vuln/detail/CVE-2023-31102
https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
https://security.netapp.com/advisory/ntap-20231110-0007/
https://www.7-zip.org/download.html
https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102/
https://www.mend.io/vulnerability-database/CVE-2023-31102

Severity Score

Weakness Type (CWE)

Integer Underflow (Wrap or Wraparound)

CWE-191

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us