JVN#74468481 Lhaplus buffer overflow vulnerability

2008-04-28T00:00:00
ID JVN:74468481
Type jvn
Reporter Japan Vulnerability Notes
Modified 2008-07-17T00:00:00

Description

## Description

Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user decompresses a specially crafted file, an attacker could execute arbitrary code with the privilege of the user.

This vulnerability is different from JVN#82610488 and JVN#70734805.

## Impact

An attacker could execute arbitrary code with the privilege of the user who decompressed the file.

## Solution

Update the Software
Update to the latest version according to the information provided by the vendor.
For more information, refer to the vendor's website.

## Products Affected

  • Lhaplus Version 1.56 and eariler