PT-2004-1062 · None · Lha Package+1

Published

2004-09-07

Updated

2017-10-11

CVE-2004-0745

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions LHA versions 1.14 and earlier lha package version 1.00

Description The issue allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name, potentially leading to disruption of confidentiality, integrity, and availability of protected information. Exploitation can be done remotely.

Recommendations For LHA versions 1.14 and earlier, consider updating to a newer version to mitigate the risk. For lha package version 1.00, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2015-06300

CVE-2004-0745

RHSA-2004:323

Affected Products

Lha

Lha Package

PT-2004-1062 · None · Lha Package+1

CVE-2004-0745

Weakness Enumeration

Related Identifiers

Affected Products

References · 9