CVE-2006-4116

2006-08-14T21:04:00
ID CVE-2006-4116
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:33:00

Description

Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute arbitrary code via a long filename in (1) an LHZ archive, when saving the filename during extraction; and (2) an LHZ archive with an invalid CRC checksum, when constructing an error message. This vulnerability is addressed in the following product release: Lhaz, Lhaz, 1.32