When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache commons compress |
||
netapp active iq unified manager - |
||
netapp oncommand insight - |
||
oracle banking digital experience |
||
oracle banking digital experience 19.1 |
||
oracle banking digital experience 19.2 |
||
oracle banking digital experience 20.1 |
||
oracle banking digital experience 21.1 |
||
oracle banking enterprise default management 2.7.0 |
||
oracle banking party management 2.7.0 |
||
oracle business process management suite 12.2.1.3.0 |
||
oracle business process management suite 12.2.1.4.0 |
||
oracle commerce guided search 11.3.2 |
||
oracle communications billing and revenue management 12.0.0.4 |
||
oracle communications cloud native core automated test suite 1.8.0 |
||
oracle communications cloud native core service communication proxy 1.14.0 |
||
oracle communications cloud native core unified data repository 1.14.0 |
||
oracle communications diameter intelligence hub |
||
oracle communications session route manager |
||
oracle financial services crime and compliance management studio 8.0.8.2.0 |
||
oracle financial services crime and compliance management studio 8.0.8.3.0 |
||
oracle financial services enterprise case management 8.0.7.2.0 |
||
oracle financial services enterprise case management 8.0.8.1.0 |
||
oracle flexcube universal banking |
||
oracle flexcube universal banking 12.4.0 |
||
oracle flexcube universal banking 14.5 |
||
oracle healthcare data repository 8.1.0 |
||
oracle insurance policy administration 11.0.2 |
||
oracle insurance policy administration 11.1.0 |
||
oracle insurance policy administration 11.2.8 |
||
oracle insurance policy administration 11.3.0 |
||
oracle insurance policy administration 11.3.1 |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle peoplesoft enterprise peopletools 8.59 |
||
oracle primavera unifier |
||
oracle primavera unifier 18.8 |
||
oracle primavera unifier 19.12 |
||
oracle primavera unifier 20.12 |
||
oracle utilities testing accelerator 6.0.0.1.1 |
||
oracle utilities testing accelerator 6.0.0.2.2 |
||
oracle utilities testing accelerator 6.0.0.3.1 |
||
oracle webcenter portal 12.2.1.3.0 |
||
oracle webcenter portal 12.2.1.4.0 |
||
oracle communications messaging server 8.1 |