Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize.
Max CVSS
5.1
EPSS Score
10.73%
Published
2006-08-09
Updated
2018-10-17
Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive.
Max CVSS
7.5
EPSS Score
18.28%
Published
2007-09-24
Updated
2017-07-29
Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048.
Max CVSS
6.6
EPSS Score
9.21%
Published
2007-11-30
Updated
2017-07-29
Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive.
Max CVSS
7.5
EPSS Score
17.16%
Published
2008-04-30
Updated
2017-08-08
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Max CVSS
6.9
EPSS Score
0.04%
Published
2010-10-18
Updated
2010-10-21
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Max CVSS
6.9
EPSS Score
0.04%
Published
2010-10-19
Updated
2017-08-17
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.
Max CVSS
5.8
EPSS Score
0.31%
Published
2015-04-15
Updated
2015-04-15
Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.
Max CVSS
6.8
EPSS Score
3.07%
Published
2015-04-15
Updated
2015-04-15
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!