31 matches found
EUVD-2016-3431
Malware in sbrugna...
EUVD-2010-2379
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-2347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafte...
CVE-2010-2369
Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory...
OPENSUSE-SU-2024:10490-1 lhasa-0.3.1-1.4 on GA media
These are all security issues fixed in the lhasa-0.3.1-1.4 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2016-2347
Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...
DEBIAN-CVE-2016-2347
Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...
CVE-2016-2347
Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...
CVE-2016-2347
Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...
UBUNTU-CVE-2016-2347
Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...
CVE-2016-2347
The CVE affects the Lhasa library (lib/lha_file_header.c: decode_level3_header) and is due to an integer underflow that can lead to remote code execution via a crafted archive. Fixed in Lhasa 0.3.1 (upstream) and addressed in OSV/NVD records; published advisories indicate a heap/underflow vulnera...
SUSE SLED12 Security Update : lhasa (SUSE-SU-2016:1091-1)
lhasa was updated to fix one security issue. This security issue was fixed : - CVE-2016-2347: decodelevel3header heap corruption vulnerability bsc973790. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempte...
SUSE-SU-2016:1091-1 Security update for lhasa
lhasa was updated to fix one security issue. This security issue was fixed: - CVE-2016-2347: decodelevel3header heap corruption vulnerability bsc973790...
lhasa: arbitrary code execution
An exploitable integer underflow exists during calculation size for all headers in decodelevel3header function of Lhasa lha application. Smaller value of headerlen than LEVEL3HEADERLEN 32 cause during subtraction integer underflow and lead later to memory corruption via heap based buffer overflow...
openSUSE Security Update : lhasa (openSUSE-2016-455)
This update for lhasa to 0.3.1 fixes the following issues : These security issues were fixed : - CVE-2016-2347: Integer underflow vulnerability in the code for doing LZH level 3 header decodes boo973790 These non-security issues were fixed : - PMarc -pm1- archives that contain truncated compresse...
openSUSE Security Update : lhasa (openSUSE-2016-454)
This update for lhasa to 0.3.1 fixes the following issues : These security issues were fixed : - CVE-2016-2347: Integer underflow vulnerability in the code for doing LZH level 3 header decodes boo973790 These non-security issues were fixed : - PMarc -pm1- archives that contain truncated compresse...
Lhasa Integer Overflow Vulnerability
Lhasa is a freeware alternative to the LHA compression program for Unix, developed by software developer Simon Howard. The program is capable of decompressing .lzh and .lzs files. An integer overflow vulnerability exists in the 'decodelevel3header' function in Lhasa's lib\lhafileheader.c file,...
Debian DSA-3540-1 : lhasa - security update
Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
[SECURITY] [DSA 3540-1] lhasa security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3540-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 03, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3540-1 (lhasa - security update)
Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed. OpenVAS Vulnerability Test $Id: deb3540.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3540-1...