Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lhaplus | lhaplus | 1.56 |
| lhaplus | lhaplus | * |
| lhaplus | lhaplus | 1.55 |
| lhaplus | lhaplus | 1.53 |
| lhaplus | lhaplus | 1.52 |
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lhaplus | lhaplus | 1.56 |
| lhaplus | lhaplus | * |
| lhaplus | lhaplus | 1.55 |
| lhaplus | lhaplus | 1.53 |
| lhaplus | lhaplus | 1.52 |
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lhaplus | lhaplus | 1.56 |
| lhaplus | lhaplus | * |
| lhaplus | lhaplus | 1.55 |
| lhaplus | lhaplus | 1.53 |
| lhaplus | lhaplus | 1.57 |
| lhaplus | lhaplus | 1.52 |
Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lhaplus | lhaplus | 1.56 |
| lhaplus | lhaplus | * |
| lhaplus | lhaplus | 1.55 |
| lhaplus | lhaplus | 1.53 |
| lhaplus | lhaplus | 1.57 |
| lhaplus | lhaplus | 1.52 |