Published:2015/04/09  Last Updated:2015/04/09

Information from Schezo

Vulnerability ID:JVN#12329472
Title:Lhaplus vulnerable to remote code execution

This is a statement from the vendor itself with no modification by JPCERT/CC.


Lhaplus Version 1.59 and earlier are vulnerable to a buffer overflow when processing a specially crafted archive file.


This flaw is addressed in Lhaplus version 1.70. Please update to version 1.70 or later.