Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities by lhaplus
CVE-2015-0907 (GCVE-0-2015-0907)
Vulnerability from nvd – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:26
VLAI
EPSS
VEX
Summary
Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN12329472/index.html | third-party-advisoryx_refsource_JVN |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051 | third-party-advisoryx_refsource_JVNDB |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN12329472/414318/index.html | x_refsource_CONFIRM |
Date Public
2015-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#12329472",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN12329472/index.html"
},
{
"name": "JVNDB-2015-000051",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN12329472/414318/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-15T07:57:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#12329472",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN12329472/index.html"
},
{
"name": "JVNDB-2015-000051",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN12329472/414318/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#12329472",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN12329472/index.html"
},
{
"name": "JVNDB-2015-000051",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "http://jvn.jp/en/jp/JVN12329472/414318/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN12329472/414318/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0907",
"datePublished": "2015-04-15T10:00:00.000Z",
"dateReserved": "2015-01-08T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:11.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0906 (GCVE-0-2015-0906)
Vulnerability from nvd – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:26
VLAI
EPSS
VEX
Summary
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN02527990/index.html | third-party-advisoryx_refsource_JVN |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050 | third-party-advisoryx_refsource_JVNDB |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN02527990/414318/index.html | x_refsource_CONFIRM |
Date Public
2015-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#02527990",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN02527990/index.html"
},
{
"name": "JVNDB-2015-000050",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN02527990/414318/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-15T07:57:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#02527990",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN02527990/index.html"
},
{
"name": "JVNDB-2015-000050",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN02527990/414318/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#02527990",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN02527990/index.html"
},
{
"name": "JVNDB-2015-000050",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "http://jvn.jp/en/jp/JVN02527990/414318/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN02527990/414318/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0906",
"datePublished": "2015-04-15T10:00:00.000Z",
"dateReserved": "2015-01-08T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:11.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3158 (GCVE-0-2010-3158)
Vulnerability from nvd – Published: 2010-10-19 19:00 – Updated: 2024-08-07 03:03
VLAI
EPSS
VEX
Summary
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www7a.biglobe.ne.jp/~schezo/dll_vul.html | x_refsource_CONFIRM |
| http://jvn.jp/jp/JVN18774708/index.html | third-party-advisoryx_refsource_JVN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-0… | third-party-advisoryx_refsource_JVNDB |
| http://secunia.com/advisories/41742 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-10-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:17.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVN#18774708",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN18774708/index.html"
},
{
"name": "lhaplus-untrusted-priv-escalation(64436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64436"
},
{
"name": "JVNDB-2010-000039",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVN#18774708",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN18774708/index.html"
},
{
"name": "lhaplus-untrusted-priv-escalation(64436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64436"
},
{
"name": "JVNDB-2010-000039",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVN#18774708",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN18774708/index.html"
},
{
"name": "lhaplus-untrusted-priv-escalation(64436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64436"
},
{
"name": "JVNDB-2010-000039",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html"
},
{
"name": "41742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2010-3158",
"datePublished": "2010-10-19T19:00:00.000Z",
"dateReserved": "2010-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:17.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2368 (GCVE-0-2010-2368)
Vulnerability from nvd – Published: 2010-10-18 16:00 – Updated: 2024-08-07 02:32
VLAI
EPSS
VEX
Summary
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www7a.biglobe.ne.jp/~schezo/dll_vul.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-0… | third-party-advisoryx_refsource_JVNDB |
| http://jvn.jp/en/jp/JVN82752978/index.html | third-party-advisoryx_refsource_JVN |
| http://secunia.com/advisories/41742 | third-party-advisoryx_refsource_SECUNIA |
| http://www.ipa.go.jp/about/press/20101012.html | x_refsource_MISC |
Date Public
2010-10-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVNDB-2010-000037",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html"
},
{
"name": "JVN#82752978",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN82752978/index.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41742"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/about/press/20101012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-10-21T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVNDB-2010-000037",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html"
},
{
"name": "JVN#82752978",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN82752978/index.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41742"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/about/press/20101012.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVNDB-2010-000037",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html"
},
{
"name": "JVN#82752978",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN82752978/index.html"
},
{
"name": "41742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41742"
},
{
"name": "http://www.ipa.go.jp/about/press/20101012.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/about/press/20101012.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2368",
"datePublished": "2010-10-18T16:00:00.000Z",
"dateReserved": "2010-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:32:16.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2021 (GCVE-0-2008-2021)
Vulnerability from nvd – Published: 2008-04-30 10:00 – Updated: 2024-08-07 08:41
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2008/1369… | vdb-entryx_refsource_VUPEN |
| http://www.fourteenforty.jp/research/advisory.cgi… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://jvn.jp/jp/JVN%2374468481/index.html | third-party-advisoryx_refsource_JVN |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://secunia.com/advisories/29972 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/28953 | vdb-entryx_refsource_BID |
Date Public
2008-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:41:00.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1369",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1369/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428"
},
{
"name": "lhaplus-zoo-bo(42032)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42032"
},
{
"name": "JVN#74468481",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2374468481/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "29972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29972"
},
{
"name": "28953",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-1369",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1369/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428"
},
{
"name": "lhaplus-zoo-bo(42032)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42032"
},
{
"name": "JVN#74468481",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2374468481/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "29972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29972"
},
{
"name": "28953",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28953"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1369",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1369/references"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428"
},
{
"name": "lhaplus-zoo-bo(42032)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42032"
},
{
"name": "JVN#74468481",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2374468481/index.html"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "29972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29972"
},
{
"name": "28953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28953"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2021",
"datePublished": "2008-04-30T10:00:00.000Z",
"dateReserved": "2008-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:41:00.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6175 (GCVE-0-2007-6175)
Vulnerability from nvd – Published: 2007-11-30 00:00 – Updated: 2024-08-07 15:54
VLAI
EPSS
VEX
Summary
Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://jvn.jp/jp/JVN%2382610488/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/26531 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2007/3960 | vdb-entryx_refsource_VUPEN |
| http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html | x_refsource_CONFIRM |
| http://secunia.com/advisories/27734 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/40583 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-11-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#82610488",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2382610488/index.html"
},
{
"name": "26531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26531"
},
{
"name": "ADV-2007-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3960"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html"
},
{
"name": "27734",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27734"
},
{
"name": "40583",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40583"
},
{
"name": "lhaplus-lzh-bo(38624)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#82610488",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2382610488/index.html"
},
{
"name": "26531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26531"
},
{
"name": "ADV-2007-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3960"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html"
},
{
"name": "27734",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27734"
},
{
"name": "40583",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40583"
},
{
"name": "lhaplus-lzh-bo(38624)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#82610488",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2382610488/index.html"
},
{
"name": "26531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26531"
},
{
"name": "ADV-2007-3960",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3960"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html"
},
{
"name": "27734",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27734"
},
{
"name": "40583",
"refsource": "OSVDB",
"url": "http://osvdb.org/40583"
},
{
"name": "lhaplus-lzh-bo(38624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6175",
"datePublished": "2007-11-30T00:00:00.000Z",
"dateReserved": "2007-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:54:26.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5048 (GCVE-0-2007-5048)
Vulnerability from nvd – Published: 2007-09-24 00:00 – Updated: 2024-08-07 15:17
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www7a.biglobe.ne.jp/~schezo/arj_vul.html | x_refsource_CONFIRM |
| http://www.fourteenforty.jp/research/advisory.cgi… | x_refsource_MISC |
| http://jvn.jp/jp/JVN%2370734805/index.html | third-party-advisoryx_refsource_JVN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/26907 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/25754 | vdb-entryx_refsource_BID |
| http://osvdb.org/40582 | vdb-entryx_refsource_OSVDB |
Date Public
2007-09-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921"
},
{
"name": "JVN#70734805",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2370734805/index.html"
},
{
"name": "lhaplus-arj-bo(36718)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36718"
},
{
"name": "26907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26907"
},
{
"name": "25754",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25754"
},
{
"name": "40582",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40582"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921"
},
{
"name": "JVN#70734805",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2370734805/index.html"
},
{
"name": "lhaplus-arj-bo(36718)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36718"
},
{
"name": "26907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26907"
},
{
"name": "25754",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25754"
},
{
"name": "40582",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40582"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921"
},
{
"name": "JVN#70734805",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2370734805/index.html"
},
{
"name": "lhaplus-arj-bo(36718)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36718"
},
{
"name": "26907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26907"
},
{
"name": "25754",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25754"
},
{
"name": "40582",
"refsource": "OSVDB",
"url": "http://osvdb.org/40582"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5048",
"datePublished": "2007-09-24T00:00:00.000Z",
"dateReserved": "2007-09-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4033 (GCVE-0-2006-4033)
Vulnerability from nvd – Published: 2006-08-09 22:00 – Updated: 2024-08-07 18:57
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/21256 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/441822/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/19263 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/27667 | vdb-entryx_refsource_OSVDB |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://securitytracker.com/id?1016615 | vdb-entryx_refsource_SECTRACK |
| http://vuln.sg/lhaplus152-en.html | x_refsource_MISC |
| http://securityreason.com/securityalert/1351 | third-party-advisoryx_refsource_SREASON |
| http://www.vupen.com/english/advisories/2006/3076 | vdb-entryx_refsource_VUPEN |
Date Public
2006-07-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:45.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "lhaplus-lzh-header-bo(28102)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28102"
},
{
"name": "21256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21256"
},
{
"name": "20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441822/100/0/threaded"
},
{
"name": "19263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19263"
},
{
"name": "27667",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "1016615",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016615"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lhaplus152-en.html"
},
{
"name": "1351",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1351"
},
{
"name": "ADV-2006-3076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "lhaplus-lzh-header-bo(28102)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28102"
},
{
"name": "21256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21256"
},
{
"name": "20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441822/100/0/threaded"
},
{
"name": "19263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19263"
},
{
"name": "27667",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "1016615",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016615"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lhaplus152-en.html"
},
{
"name": "1351",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1351"
},
{
"name": "ADV-2006-3076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3076"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "lhaplus-lzh-header-bo(28102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28102"
},
{
"name": "21256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21256"
},
{
"name": "20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441822/100/0/threaded"
},
{
"name": "19263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19263"
},
{
"name": "27667",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27667"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "1016615",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016615"
},
{
"name": "http://vuln.sg/lhaplus152-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lhaplus152-en.html"
},
{
"name": "1351",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1351"
},
{
"name": "ADV-2006-3076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3076"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4033",
"datePublished": "2006-08-09T22:00:00.000Z",
"dateReserved": "2006-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:57:45.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0907 (GCVE-0-2015-0907)
Vulnerability from cvelistv5 – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:26
VLAI
EPSS
VEX
Summary
Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN12329472/index.html | third-party-advisoryx_refsource_JVN |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051 | third-party-advisoryx_refsource_JVNDB |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN12329472/414318/index.html | x_refsource_CONFIRM |
Date Public
2015-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#12329472",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN12329472/index.html"
},
{
"name": "JVNDB-2015-000051",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN12329472/414318/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-15T07:57:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#12329472",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN12329472/index.html"
},
{
"name": "JVNDB-2015-000051",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN12329472/414318/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#12329472",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN12329472/index.html"
},
{
"name": "JVNDB-2015-000051",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000051"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "http://jvn.jp/en/jp/JVN12329472/414318/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN12329472/414318/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0907",
"datePublished": "2015-04-15T10:00:00.000Z",
"dateReserved": "2015-01-08T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:11.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0906 (GCVE-0-2015-0906)
Vulnerability from cvelistv5 – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:26
VLAI
EPSS
VEX
Summary
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN02527990/index.html | third-party-advisoryx_refsource_JVN |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050 | third-party-advisoryx_refsource_JVNDB |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://jvn.jp/en/jp/JVN02527990/414318/index.html | x_refsource_CONFIRM |
Date Public
2015-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#02527990",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN02527990/index.html"
},
{
"name": "JVNDB-2015-000050",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN02527990/414318/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-15T07:57:00.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#02527990",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN02527990/index.html"
},
{
"name": "JVNDB-2015-000050",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN02527990/414318/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#02527990",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN02527990/index.html"
},
{
"name": "JVNDB-2015-000050",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "http://jvn.jp/en/jp/JVN02527990/414318/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN02527990/414318/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0906",
"datePublished": "2015-04-15T10:00:00.000Z",
"dateReserved": "2015-01-08T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:11.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3158 (GCVE-0-2010-3158)
Vulnerability from cvelistv5 – Published: 2010-10-19 19:00 – Updated: 2024-08-07 03:03
VLAI
EPSS
VEX
Summary
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www7a.biglobe.ne.jp/~schezo/dll_vul.html | x_refsource_CONFIRM |
| http://jvn.jp/jp/JVN18774708/index.html | third-party-advisoryx_refsource_JVN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-0… | third-party-advisoryx_refsource_JVNDB |
| http://secunia.com/advisories/41742 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-10-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:17.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVN#18774708",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN18774708/index.html"
},
{
"name": "lhaplus-untrusted-priv-escalation(64436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64436"
},
{
"name": "JVNDB-2010-000039",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVN#18774708",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN18774708/index.html"
},
{
"name": "lhaplus-untrusted-priv-escalation(64436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64436"
},
{
"name": "JVNDB-2010-000039",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVN#18774708",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN18774708/index.html"
},
{
"name": "lhaplus-untrusted-priv-escalation(64436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64436"
},
{
"name": "JVNDB-2010-000039",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html"
},
{
"name": "41742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2010-3158",
"datePublished": "2010-10-19T19:00:00.000Z",
"dateReserved": "2010-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:03:17.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2368 (GCVE-0-2010-2368)
Vulnerability from cvelistv5 – Published: 2010-10-18 16:00 – Updated: 2024-08-07 02:32
VLAI
EPSS
VEX
Summary
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www7a.biglobe.ne.jp/~schezo/dll_vul.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-0… | third-party-advisoryx_refsource_JVNDB |
| http://jvn.jp/en/jp/JVN82752978/index.html | third-party-advisoryx_refsource_JVN |
| http://secunia.com/advisories/41742 | third-party-advisoryx_refsource_SECUNIA |
| http://www.ipa.go.jp/about/press/20101012.html | x_refsource_MISC |
Date Public
2010-10-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVNDB-2010-000037",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html"
},
{
"name": "JVN#82752978",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN82752978/index.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41742"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/about/press/20101012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-10-21T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVNDB-2010-000037",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html"
},
{
"name": "JVN#82752978",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN82752978/index.html"
},
{
"name": "41742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41742"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/about/press/20101012.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"name": "JVNDB-2010-000037",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html"
},
{
"name": "JVN#82752978",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN82752978/index.html"
},
{
"name": "41742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41742"
},
{
"name": "http://www.ipa.go.jp/about/press/20101012.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/about/press/20101012.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2368",
"datePublished": "2010-10-18T16:00:00.000Z",
"dateReserved": "2010-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T02:32:16.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2021 (GCVE-0-2008-2021)
Vulnerability from cvelistv5 – Published: 2008-04-30 10:00 – Updated: 2024-08-07 08:41
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2008/1369… | vdb-entryx_refsource_VUPEN |
| http://www.fourteenforty.jp/research/advisory.cgi… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://jvn.jp/jp/JVN%2374468481/index.html | third-party-advisoryx_refsource_JVN |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://secunia.com/advisories/29972 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/28953 | vdb-entryx_refsource_BID |
Date Public
2008-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:41:00.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1369",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1369/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428"
},
{
"name": "lhaplus-zoo-bo(42032)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42032"
},
{
"name": "JVN#74468481",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2374468481/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "29972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29972"
},
{
"name": "28953",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-1369",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1369/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428"
},
{
"name": "lhaplus-zoo-bo(42032)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42032"
},
{
"name": "JVN#74468481",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2374468481/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "29972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29972"
},
{
"name": "28953",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28953"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1369",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1369/references"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080428"
},
{
"name": "lhaplus-zoo-bo(42032)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42032"
},
{
"name": "JVN#74468481",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2374468481/index.html"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "29972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29972"
},
{
"name": "28953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28953"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2021",
"datePublished": "2008-04-30T10:00:00.000Z",
"dateReserved": "2008-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:41:00.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6175 (GCVE-0-2007-6175)
Vulnerability from cvelistv5 – Published: 2007-11-30 00:00 – Updated: 2024-08-07 15:54
VLAI
EPSS
VEX
Summary
Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://jvn.jp/jp/JVN%2382610488/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/26531 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2007/3960 | vdb-entryx_refsource_VUPEN |
| http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html | x_refsource_CONFIRM |
| http://secunia.com/advisories/27734 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/40583 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-11-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#82610488",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2382610488/index.html"
},
{
"name": "26531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26531"
},
{
"name": "ADV-2007-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3960"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html"
},
{
"name": "27734",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27734"
},
{
"name": "40583",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40583"
},
{
"name": "lhaplus-lzh-bo(38624)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#82610488",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2382610488/index.html"
},
{
"name": "26531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26531"
},
{
"name": "ADV-2007-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3960"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html"
},
{
"name": "27734",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27734"
},
{
"name": "40583",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40583"
},
{
"name": "lhaplus-lzh-bo(38624)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#82610488",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2382610488/index.html"
},
{
"name": "26531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26531"
},
{
"name": "ADV-2007-3960",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3960"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/lzh_vul.html"
},
{
"name": "27734",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27734"
},
{
"name": "40583",
"refsource": "OSVDB",
"url": "http://osvdb.org/40583"
},
{
"name": "lhaplus-lzh-bo(38624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6175",
"datePublished": "2007-11-30T00:00:00.000Z",
"dateReserved": "2007-11-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:54:26.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5048 (GCVE-0-2007-5048)
Vulnerability from cvelistv5 – Published: 2007-09-24 00:00 – Updated: 2024-08-07 15:17
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www7a.biglobe.ne.jp/~schezo/arj_vul.html | x_refsource_CONFIRM |
| http://www.fourteenforty.jp/research/advisory.cgi… | x_refsource_MISC |
| http://jvn.jp/jp/JVN%2370734805/index.html | third-party-advisoryx_refsource_JVN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/26907 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/25754 | vdb-entryx_refsource_BID |
| http://osvdb.org/40582 | vdb-entryx_refsource_OSVDB |
Date Public
2007-09-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921"
},
{
"name": "JVN#70734805",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2370734805/index.html"
},
{
"name": "lhaplus-arj-bo(36718)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36718"
},
{
"name": "26907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26907"
},
{
"name": "25754",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25754"
},
{
"name": "40582",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40582"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921"
},
{
"name": "JVN#70734805",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2370734805/index.html"
},
{
"name": "lhaplus-arj-bo(36718)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36718"
},
{
"name": "26907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26907"
},
{
"name": "25754",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25754"
},
{
"name": "40582",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40582"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/arj_vul.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20070921"
},
{
"name": "JVN#70734805",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2370734805/index.html"
},
{
"name": "lhaplus-arj-bo(36718)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36718"
},
{
"name": "26907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26907"
},
{
"name": "25754",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25754"
},
{
"name": "40582",
"refsource": "OSVDB",
"url": "http://osvdb.org/40582"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5048",
"datePublished": "2007-09-24T00:00:00.000Z",
"dateReserved": "2007-09-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4033 (GCVE-0-2006-4033)
Vulnerability from cvelistv5 – Published: 2006-08-09 22:00 – Updated: 2024-08-07 18:57
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/21256 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/441822/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/19263 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/27667 | vdb-entryx_refsource_OSVDB |
| http://www7a.biglobe.ne.jp/~schezo/ | x_refsource_CONFIRM |
| http://securitytracker.com/id?1016615 | vdb-entryx_refsource_SECTRACK |
| http://vuln.sg/lhaplus152-en.html | x_refsource_MISC |
| http://securityreason.com/securityalert/1351 | third-party-advisoryx_refsource_SREASON |
| http://www.vupen.com/english/advisories/2006/3076 | vdb-entryx_refsource_VUPEN |
Date Public
2006-07-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:45.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "lhaplus-lzh-header-bo(28102)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28102"
},
{
"name": "21256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21256"
},
{
"name": "20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441822/100/0/threaded"
},
{
"name": "19263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19263"
},
{
"name": "27667",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "1016615",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016615"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lhaplus152-en.html"
},
{
"name": "1351",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1351"
},
{
"name": "ADV-2006-3076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "lhaplus-lzh-header-bo(28102)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28102"
},
{
"name": "21256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21256"
},
{
"name": "20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441822/100/0/threaded"
},
{
"name": "19263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19263"
},
{
"name": "27667",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "1016615",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016615"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lhaplus152-en.html"
},
{
"name": "1351",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1351"
},
{
"name": "ADV-2006-3076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3076"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "lhaplus-lzh-header-bo(28102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28102"
},
{
"name": "21256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21256"
},
{
"name": "20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441822/100/0/threaded"
},
{
"name": "19263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19263"
},
{
"name": "27667",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27667"
},
{
"name": "http://www7a.biglobe.ne.jp/~schezo/",
"refsource": "CONFIRM",
"url": "http://www7a.biglobe.ne.jp/~schezo/"
},
{
"name": "1016615",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016615"
},
{
"name": "http://vuln.sg/lhaplus152-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lhaplus152-en.html"
},
{
"name": "1351",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1351"
},
{
"name": "ADV-2006-3076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3076"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4033",
"datePublished": "2006-08-09T22:00:00.000Z",
"dateReserved": "2006-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:57:45.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}