CVE-2024-11612

CVSS 3.0 Score 6.5 of 10 (medium)

Details

Published Nov 22, 2024
CWE ID 835

Summary

CVE-2024-11612 is a denial-of-service vulnerability affecting 7-Zip's CopyCoder. This issue arises from a logic error in the streaming process, leading to an infinite loop. Attackers can exploit this flaw by interacting with the library, potentially causing a denial-of-service condition on the target system. The specific vulnerability, ZDI-CAN-24307, was discovered and reported to the community.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share