6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
58.5%
UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL provided by Micco contain vulnerabilities listed below.
Self-Extracting Archives created by UNLHA32.DLL may insecurely load Dynamic Link Libraries (CWE-427) - CVE-2018-16189
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | Base Score: 7.8 |
CVSS v2 | AV:N/AC:M/Au:N/C:P/I:P/A:P | Base Score: 6.8 |
Insecurely load specific DLL file in the same directory (CWE-427) - CVE-2018-16190
Version | Vector | Score |
---|---|---|
CVSS v3 | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | Base Score: 7.8 |
CVSS v2 | AV:N/AC:M/Au:N/C:P/I:P/A:P | Base Score: 6.8 |
Solution for CVE-2018-16189: Update UNLHA32.DLL and Recreate Self-Extracting Archive files
According to the information provided by the developer, update the product which includes UNLHA32.DLL to the latest version and recreate self-extracting archive files.
Solution for CVE-2018-16190: Update the software
Update to the latest version according to the information provided by the developer.
CVE-2018-16189
UNLHA32.DLL for Win32 prior to Ver 3.00
CVE-2018-16190
UNLHA32.DLL for Win32 Ver 2.67.1.2 and earlier
UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier
LHMelting for Win32 Ver 1.65.3.6 and earlier
LMLzh32.DLL Ver 2.67.1.2 and earlier
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
58.5%