CVE-2017-2248

Name of the Vulnerable Software and Affected Versions Lhaz+ versions 3.4.0 and earlier

Description The issue concerns an untrusted search path vulnerability in the Installer of Lhaz+, allowing an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Recommendations For versions 3.4.0 and earlier, update to a version later than 3.4.0 to resolve the issue.