Lhaz : Security Vulnerabilities, CVEs, CVSS score >= 4
Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip file, a different issue than CVE-2006-4116.
Max CVSS
6.8
EPSS Score
8.92%
Published
2007-08-20
Updated
2017-07-29
Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute arbitrary code via a long filename in (1) an LHZ archive, when saving the filename during extraction; and (2) an LHZ archive with an invalid CRC checksum, when constructing an error message.
Max CVSS
5.1
EPSS Score
1.33%
Published
2006-08-14
Updated
2018-10-17
2 vulnerabilities found