Required CVE Record Information
Description
Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize.
References 10 Total
- exchange.xforce.ibmcloud.com: lhaplus-lzh-header-bo(28102) vdb-entry
- secunia.com: 21256 third-party-advisory
- securityfocus.com: 20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability mailing-list
- securityfocus.com: 19263 vdb-entry
- osvdb.org: 27667 vdb-entry
- http://www7a.biglobe.ne.jp/~schezo/
- securitytracker.com: 1016615 vdb-entry
- http://vuln.sg/lhaplus152-en.html
- securityreason.com: 1351 third-party-advisory
- vupen.com: ADV-2006-3076 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 10 Total
- exchange.xforce.ibmcloud.com: lhaplus-lzh-header-bo(28102) vdb-entryx_transferred
- secunia.com: 21256 third-party-advisoryx_transferred
- securityfocus.com: 20060801 [vuln.sg] Lhaplus LHA Extended Header Handling Buffer Overflow Vulnerability mailing-listx_transferred
- securityfocus.com: 19263 vdb-entryx_transferred
- osvdb.org: 27667 vdb-entryx_transferred
- http://www7a.biglobe.ne.jp/~schezo/ x_transferred
- securitytracker.com: 1016615 vdb-entryx_transferred
- http://vuln.sg/lhaplus152-en.html x_transferred
- securityreason.com: 1351 third-party-advisoryx_transferred
- vupen.com: ADV-2006-3076 vdb-entryx_transferred