https://live.paloaltonetworks.com/t5/general-topics/7-zip-arj-file-buffer-overflow-vulnerability-31030/m-p/26395#M19248 <HTML><HEAD></HEAD><BODY><P>Has anyone come across this vulnerability?&nbsp; We have several PC's with 7-zip installed for extracted .tar files in windows.&nbsp; Even after we delete 7-zip, we still see these vulnerabilities being flagged by the pan.&nbsp; Has anyone seen this behavior before?&nbsp; Possibly a rootkit or other malware on the pc's?</P><P><BR />Thanks</P></BODY></HTML> Tue, 17 Dec 2013 14:30:23 GMT jmurphy 2013-12-17T14:30:23Z https://live.paloaltonetworks.com/t5/general-topics/7-zip-arj-file-buffer-overflow-vulnerability-31030/m-p/26395#M19248 <HTML><HEAD></HEAD><BODY><P>Has anyone come across this vulnerability?&nbsp; We have several PC's with 7-zip installed for extracted .tar files in windows.&nbsp; Even after we delete 7-zip, we still see these vulnerabilities being flagged by the pan.&nbsp; Has anyone seen this behavior before?&nbsp; Possibly a rootkit or other malware on the pc's?</P><P><BR />Thanks</P></BODY></HTML> Tue, 17 Dec 2013 14:30:23 GMT https://live.paloaltonetworks.com/t5/general-topics/7-zip-arj-file-buffer-overflow-vulnerability-31030/m-p/26395#M19248 jmurphy 2013-12-17T14:30:23Z https://live.paloaltonetworks.com/t5/general-topics/7-zip-arj-file-buffer-overflow-vulnerability-31030/m-p/26396#M19249 <HTML><HEAD></HEAD><BODY><P>Hi Jmurphy,</P><P></P><P>By any chance is this a Global Protect or HIP issue? If yes, there might have been stale registery key, because of that Firewall is detecting 7zip on end Host.</P><P></P><P>If not, where do you see vulnerability flag ? Please provide more detail on vulnerability detection by firewall.</P><P></P><P>Regards,</P><P>Hardik Shah</P></BODY></HTML> Thu, 26 Dec 2013 00:40:28 GMT https://live.paloaltonetworks.com/t5/general-topics/7-zip-arj-file-buffer-overflow-vulnerability-31030/m-p/26396#M19249 hshah 2013-12-26T00:40:28Z