MidnightBSD

Advisories for lhaplus

CVE-2010-2368 MEDIUM

Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
lhaplus lhaplus 1.56
lhaplus lhaplus *
lhaplus lhaplus 1.55
lhaplus lhaplus 1.53
lhaplus lhaplus 1.52
CVE-2010-3158 MEDIUM

Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
lhaplus lhaplus 1.56
lhaplus lhaplus *
lhaplus lhaplus 1.55
lhaplus lhaplus 1.53
lhaplus lhaplus 1.52
CVE-2015-0906 MEDIUM

Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
lhaplus lhaplus 1.56
lhaplus lhaplus *
lhaplus lhaplus 1.55
lhaplus lhaplus 1.53
lhaplus lhaplus 1.57
lhaplus lhaplus 1.52
CVE-2015-0907 MEDIUM

Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
lhaplus lhaplus 1.56
lhaplus lhaplus *
lhaplus lhaplus 1.55
lhaplus lhaplus 1.53
lhaplus lhaplus 1.57
lhaplus lhaplus 1.52