PT-2017-7988 · Lha+1 · Lha+1

Paris Zoumpouloglou

Publicado

2016-04-21

Atualizado

2020-07-27

CVE-2016-1925

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions lha (affected versions not specified)

Description The issue is related to an integer underflow in the header.c file of lha, which can be triggered by a large header size value for the level0 or level1 header in an lha archive. This can lead to a buffer overflow, allowing remote attackers to have an unspecified impact.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Underflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-191

Identificadores relacionados

CVE-2016-1925

MGASA-2016-0142

SUSE-SU-2016:1904-1

SUSE-SU-2016_1904-1

Produtos afetados

Suse

Lha

PT-2017-7988 · Lha+1 · Lha+1

CVE-2016-1925

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12