Lhaca File Archiver LZH Archive Handling Arbitrary Code Execution

ID OSVDB:37746
Type osvdb
Reporter OSVDB
Modified 2007-06-24T14:45:39


Solution Description

Upgrade to version 1.23 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Secunia Advisory ID:25826 Other Advisory URL: http://secunia.com/virus_information/39523/ Other Advisory URL: http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1 Other Advisory URL: http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html Other Advisory URL: http://vuln.sg/lhaca121-en.html Keyword: Trojan.Lhdropper CVE-2007-3375 CERT VU: 871497 Bugtraq ID: 24604