Required CVE Record Information
Description
Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remote attackers to execute arbitrary code via an LZH LHA file with a crafted header that is not properly handled during expansion.
References 7 Total
- osvdb.org: 65666 vdb-entry
- securityfocus.com: 41025 vdb-entry
- http://www.ponsoftware.com/archiver/bug.htm#lzh_bufover
- secunia.com: 40324 third-party-advisory
- jvndb.jvn.jp: JVNDB-2010-000026 third-party-advisory
- exchange.xforce.ibmcloud.com: explzh-lhaprocessing-bo(59624) vdb-entry
- jvn.jp: JVN#34729123 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- osvdb.org: 65666 vdb-entryx_transferred
- securityfocus.com: 41025 vdb-entryx_transferred
- http://www.ponsoftware.com/archiver/bug.htm#lzh_bufover x_transferred
- secunia.com: 40324 third-party-advisoryx_transferred
- jvndb.jvn.jp: JVNDB-2010-000026 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: explzh-lhaprocessing-bo(59624) vdb-entryx_transferred
- jvn.jp: JVN#34729123 third-party-advisoryx_transferred