Published:2007/11/22  Last Updated:2008/05/21

JVN#82610488
Lhaplus buffer overflow vulnerability
Critical

Overview

Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability.

Products Affected

  • Lhaplus Version 1.55 and earlier

Description

Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user decompresses a specially crafted file, an attacker could execute arbitrary code with the privilege of the user.

This vulnerability is different from JVN#70734805.

Impact

An attacker could execute arbitrary code with the privilege of the user who decompressed the file.

Solution

Update the Software
Apply the latest updates provided by the developer.

For more information, refer to the developer's website.

Vendor Status

Vendor Status Last Update Vendor Notes
Schezo Vulnerable 2007/11/22

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2007.11.22 Critical

Measures Conditions Severity
Access Required Routed - can be attacked over the Internet using packets
  • High
Authentication None - anonymous or no authentication (IP addresses do not count)
  • High
User Interaction Required Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file
  • Medium
Exploit Complexity Low-Medium - some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls)
  • Medium-High

Description of each analysis measures

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2007-6175
JVN iPedia JVNDB-2007-000808

Update History