[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability
From: vulnpost-remove@xxxxxxx
Date: 1 Aug 2006 00:52:15 -0000

[vuln.sg] Vulnerability Research Advisory

Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability

by Tan Chew Keong
Release Date: 2006-07-31

Summary
-------
A vulnerability has been found in Lhaplus. When exploited, the vulnerability 
allows execution of arbitrary code when the user extracts a malicious LZH 
archive.

Tested Version
--------------
Lhaplus version 1.52 (Japanese)

Details
-------
http://vuln.sg/lhaplus152-en.html

Prev by Date: Re: Gdiplus.dll division by 0
Next by Date: [ MDKSA-2006:135 ] - Updated freeciv packages fix DoS vulnerabilities
Previous by thread: WoW Roster <= 1.5.x Remote File Include (hsList.php)
Next by thread: [ MDKSA-2006:135 ] - Updated freeciv packages fix DoS vulnerabilities
Index(es):
- Date
- Thread