JVN#82610488
Lhaplus buffer overflow vulnerability
Critical
Overview
Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability.
Products Affected
- Lhaplus Version 1.55 and earlier
Description
Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user decompresses a specially crafted file, an attacker could execute arbitrary code with the privileges of that user.
This vulnerability is different from JVN#70734805.
Impact
An attacker could execute arbitrary code with the privileges of the user who decompressed the file.
Solution
Update the Software
Apply the latest updates provided by the developer.
For more information, refer to the developer's website.
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2007.11.22 Critical
Measures | Conditions | Severity |
---|---|---|
Access Required | Routed - can be attacked over the Internet using packets | |
Authentication | None - anonymous or no authentication (IP addresses do not count) | |
User Interaction Required | Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file | |
Exploit Complexity | Low-Medium - some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls) | |
Credit
Other Information
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | CVE-2007-6175 |
JVN iPedia | JVNDB-2007-000808 |