None · Lha · CVE-2004-0771
**Name of the Vulnerable Software and Affected Versions**
LHA versions (affected versions not specified)
**Description**
The issue is related to a buffer overflow in the extract one function from lhext.c in LHA, which may allow attackers to execute arbitrary code via a long working directory command line option. There are multiple vulnerabilities in the lha package that can lead to disruption of confidentiality, integrity, and availability of protected information. Exploitation of these vulnerabilities can be done remotely.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.