Lucene search
Arch LinuxASA-201604-8HistoryApr 14, 2016 - 12:00 a.m.
lhasa: arbitrary code execution
2016-04-1400:00:00
Arch Linux
lists.archlinux.org
18
EPSS
0.004
Percentile
74.7%
An exploitable integer underflow exists during calculation size for all
headers in decode_level3_header function of Lhasa (lha) application.
Smaller value of header_len than LEVEL_3_HEADER_LEN ( 32 ) cause during
subtraction integer underflow and lead later to memory corruption via
heap based buffer overflow.
Related
nessus
nessus
SUSE SLED12 Security Update : lhasa (SUSE-SU-2016:1091-1)
2016-04-20 00:00:00
openSUSE Security Update : lhasa (openSUSE-2016-454)
2016-04-14 00:00:00
Debian DSA-3540-1 : lhasa - security update
2016-04-05 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3540-1)
2016-04-02 00:00:00
Debian Security Advisory DSA 3540-1 (lhasa - security update)
2016-04-03 00:00:00
cvelist
cvelist
CVE-2016-2347
2017-04-21 20:00:00
cve
cve
CVE-2016-2347
2017-04-21 20:59:00
debiancve
debiancve
CVE-2016-2347
2017-04-21 20:59:00
threatpost
threatpost
New Heap-Spray Exploit Tied To LZH Archive Decompression
2016-04-01 13:07:40
ubuntucve
ubuntucve
CVE-2016-2347
2017-04-21 00:00:00
talos
talos
Lhasa lha decode_level3_header Heap Corruption Vulnerability
2016-03-31 00:00:00
debian
debian
[SECURITY] [DSA 3540-1] lhasa security update
2016-04-03 11:36:41
osv
osv
CVE-2016-2347
2017-04-21 20:59:00
lhasa - security update
2016-04-03 00:00:00
nvd
nvd
CVE-2016-2347
2017-04-21 20:59:00
prion
prion
Integer overflow
2017-04-21 20:59:00