CVE-2016-2347
The CVE affects the Lhasa library (lib/lha_file_header.c: decode_level3_header) and is due to an integer underflow that can lead to remote code execution via a crafted archive. Fixed in Lhasa 0.3.1 (upstream) and addressed in OSV/NVD records; published advisories indicate a heap/underflow vulnera...