JVN#74468481
Lhaplus buffer overflow vulnerability
Critical
Overview
Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability.
Products Affected
- Lhaplus Version 1.56 and earlier
Description
Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user decompresses a specially crafted file, an attacker could execute arbitrary code with the privileges of that user.
This vulnerability is different from JVN#82610488 and JVN#70734805.
Impact
An attacker could execute arbitrary code with the privileges of the user who decompressed the file.
Solution
Update the Software
Update to the latest version according to the information provided by the vendor.
For more information, refer to the vendor's website.
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2008.04.28 Critical
Measures | Conditions | Severity |
---|---|---|
Access Required | Routed - can be attacked over the Internet using packets | |
Authentication | None - anonymous or no authentication (IP addresses do not count) | |
User Interaction Required | Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file | |
Exploit Complexity | Low - little to no expertise and/or luck required to exploit (cross-site scripting) | |
Credit
Yuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | |
JVN iPedia | JVNDB-2008-000022 |
Update History
- 2008/05/21
- JVN English site opened and the first English advisory of this issue was published.
- 2008/07/17
- Information under the section "References" was added.