33 matches found
EUVD-2006-4026
Malware in sbrugna...
EUVD-2007-6144
Malware in sbrugna...
EUVD-2018-16981
Malware in sbrugna...
EUVD-2018-12816
Malware in sbrugna...
CVE-2018-5196
Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitrary code execution...
CVE-2018-5196
Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitrary code execution...
CVE-2018-5196
The CVE-2018-5196 entry affects ESTsoft ALZip (versions 10.76.0.0 and earlier). The root cause is a stack overflow caused by improper bounds checking when handling specially crafted LZH archives. Exploitation wording from multiple sources indicates that convincing a user to open a malicious LZH f...
CVE-2018-5196 Alzip Stack Overflow Vulnerability
Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitrary code execution...
Symantec Protection for SharePoint Servers 6.0.3 to 6.0.5 < HF1.5 / 6.0.6 < HF1.6 Multiple Vulnerabilities (SYM16-010)
The version of Symantec Protection for SharePoint Servers installed on the remote host is 6.0.3 to 6.0.5 prior to HF1.5 or 6.0.6 prior to HF1.6. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the Unpack::ShortLZ function within file unpack15.cpp due t...
Debian DSA-3540-1 : lhasa - security update
Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
New Heap-Spray Exploit Tied To LZH Archive Decompression
Researchers found a vulnerability in the classic compression standard Lhasa, once a mainstay for game developers in the mid-’90s and still in use today. Researchers at Cisco’s security research arm, Cisco Talos, identified the vulnerability calling it as a classic heap-spray exploit. In a report...
ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86x64) - LZH archive parsing (PoC)
ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 x86x64 - LZH archive parsing PoC ESET Smart Security 4.2 and NOD32 Antivirus 4.2 x32-x64 LZH archive parsing PoC exploit. Scanning of malicious file causes heap corruption in context of the service process ekrn.exe. See Dr. Watson log drwtsn32.log f...
ESET Smart Security LZH archive parsing vulnerability
Software: ESET Smart Security 4.2 and NOD32 Antivirus 4.2 x32-x64 Vendor status: notified/ignored Tested on: Windows XP, Vista, 7 x32 and x64 Description: Scanning of malicious file causes heap corruption in context of the service process ekrn.exe. See Dr. Watson log drwtsn32.log for details. PoC...
ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC)
ESET Smart Security 4.2 and NOD32 Antivirus 4.2 x32-x64 LZH archive parsing PoC exploit. Scanning of malicious file causes heap corruption in context of the service process ekrn.exe. See Dr. Watson log drwtsn32.log for details. USAGE: python esetlzh.py TEST.LZH will be created c 2010 eSage Lab...
Buffer overflow
Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048...
CVE-2007-6175
Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048...
CVE-2007-6175
Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048...
CVE-2007-6175
CVE-2007-6175 affects Lhaplus 1.55 and earlier. A buffer overflow in LZH archive handling could allow remote attackers to execute arbitrary code when decompressing a crafted LZH file. Connected documents corroborate a vulnerable Lhaplus prior to 1.55 and note this is a separate issue from CVE-200...
CVE-2007-3512
Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows user-assisted remote attackers to execute arbitrary code via a large LHA "Extended Header Size" value in an LZH archive, a different issue than CVE-2007-3375...
Stack overflow
Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows user-assisted remote attackers to execute arbitrary code via a large LHA "Extended Header Size" value in an LZH archive, a different issue than CVE-2007-3375...