JVN#82610488 Lhaplus buffer overflow vulnerability

2007-11-22T00:00:00
ID JVN:82610488
Type jvn
Reporter Japan Vulnerability Notes
Modified 2008-05-21T00:00:00

Description

## Description

Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user decompresses a specially crafted file, an attacker could execute arbitrary code with the privilege of the user.

This vulnerability is different from JVN#70734805.

## Impact

An attacker could execute arbitrary code with the privilege of the user who decompressed the file.

## Solution

Update the Software
Apply the latest updates provided by the developer.

For more information, refer to the developer's website.

## Products Affected

  • Lhaplus Version 1.55 and earlier