Lhaca LZH文档处理栈溢出漏洞

Lhaca是一款由日本开发的免费文档压缩解压工具。 Lhaca的文件归档器没有正确的解压.LZH文档，如果用户受骗打开了恶意压缩文档的话，就可能触发栈溢出，导致执行任意指令。 目前这个漏洞正在被名为Trojan.Lhdropper的木马积极的利用。 Lhaca 1.20 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://park8.wakwak.com/app/Lhaca/...

Stack overflow

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper...

CVE-2007-3375

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper...

CVE-2007-3375

CVE-2007-3375: Lhaca File Archiver before 1.21 is affected by a stack-based buffer overflow in a crafted LZH archive, allowing user-assisted remote code execution. The vulnerability is exploited by malware such as Trojan.Lhdropper. Impact details indicate arbitrary code execution with user intera...