CVE-2018-20253

In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user...

libarchive: Heap out of bounds read in LHA/LZH parser

A vulnerability was found in libarchive. A specially crafted LZA/LZH file could cause a small out-of-bounds read, potentially disclosing a few bytes of application memory...

libarchive LHA/LZH parser heap out-of-bounds read vulnerability

libarchive is a multi-format archive and compression library. A security vulnerability exists in libarchive's LHA/LZH parser that can be exploited by an attacker to cause a heap out-of-bounds read...

JVN#18223913: BeZIP vulnerable to directory traversal

BeZIP provided by Be Graph Co.,Ltd. is a file compression/extraction software supporting ZIP and LZH formats. BeZIP contains a directory traversal vulnerability. Impact An arbitrary file may be created or altered when extracting a specially crafted file. Solution Update the software Update to the...