Lucene search

[email protected]CVE-2004-0769

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2004-0769

2004-08-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0769

buffer overflow

lha

lharc

remote code execution

security vulnerability

nvd

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.128 Low

EPSS

Percentile

95.4%

JSON

Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the “x” option but also exploitable through “l” and “v”, and fixed in header.c, a different issue than CVE-2004-0771.

CPENameOperatorVersion
mozilla:bugzillamozilla bugzillaeq*

CPE	Name	Operator	Version
mozilla:bugzilla	mozilla bugzilla	eq	*

References

bugs.gentoo.org/show_bug.cgi?id=51285

lw.ftw.zamosc.pl/lha-exploit.txt

marc.info/?l=bugtraq&m=108745217504379&w=2

www.gentoo.org/security/en/glsa/glsa-200409-13.xml

www.redhat.com/support/errata/RHSA-2004-323.html

www.redhat.com/support/errata/RHSA-2004-440.html

bugzilla.fedora.us/show_bug.cgi?id=1833

exchange.xforce.ibmcloud.com/vulnerabilities/16917

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11047

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.128 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2004-0769

cve2 ubuntucve3 nessus7 gentoo1 openvas2 redhat2 freebsd1