Lucene search

[email protected]CVE-2007-3375

HistoryJun 25, 2007 - 8:30 p.m.

CVE-2007-3375

2007-06-2520:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-3375

stack-based buffer overflow

lhaca file archiver

lzh archive

malware

trojan.lhdropper

nvd

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.119 Low

EPSS

Percentile

95.2%

JSON

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.

CPENameOperatorVersion
lhaca:file_archiverlhaca file archiverle1.20

CPE	Name	Operator	Version
lhaca:file_archiver	lhaca file archiver	le	1.20

References

secunia.com/advisories/25826

vuln.sg/lhaca121-en.html

www.kb.cert.org/vuls/id/871497

www.securityfocus.com/bid/24604

www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html

www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1

exchange.xforce.ibmcloud.com/vulnerabilities/35116

Social References

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.119 Low

EPSS

Percentile

95.2%

JSON

Related for CVE-2007-3375

prion2 cve1 cert1 nessus1