CVE-2017-2107

Description

Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected products

• Akky / Self-extracting archive files created by 7-ZIP32.DLLver9.22.00.01 and earlier – ver9.22.00.01 and earlier

References

• MISChttp://akky.xrea.jp/security/7-zip4.txt
• MISChttp://www.securityfocus.com/bid/96431
• MISChttp://jvn.jp/en/jp/JVN86200862/index.html