10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.934 High
EPSS
Percentile
99.1%
Ulf Härnhammar discovered several vulnerabilities in
LHa for UNIX’s path name handling code. Specially constructed
archive files may cause LHa to overwrite files or
execute arbitrary code with the privileges of the user
invoking LHa. This could be particularly harmful for
automated systems that might handle archives such as
virus scanning processes.