NVD

Id
70686  
Name
CVE-2004-0235  
Description
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2017-07-18  
Published
2004-08-18  
Modified Date
2017-07-10  
Seq
2004-0235  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
364721 70686 CVE-2004-0235 CLA-2004:840  View
364722 70686 CVE-2004-0235 20040501 LHa buffer overflows and directory traversal problems  View
364723 70686 CVE-2004-0235 20040510 [Ulf Harnhammar]: LHA Advisory + Patch  View
364724 70686 CVE-2004-0235 oval:org.mitre.oval:def:10409  View
364725 70686 CVE-2004-0235 oval:org.mitre.oval:def:978  View
364726 70686 CVE-2004-0235 GLSA-200405-02  View
364727 70686 CVE-2004-0235 DSA-515  View
364728 70686 CVE-2004-0235 FEDORA-2004-119  View
364729 70686 CVE-2004-0235 RHSA-2004:178  View
364730 70686 CVE-2004-0235 RHSA-2004:179  View
364731 70686 CVE-2004-0235 10243  View
364732 70686 CVE-2004-0235 lha-directory-traversal(16013)  View
364733 70686 CVE-2004-0235 FLSA:1833  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
62828 JVNDB-2004-000170 LHa の Test/eXtract ルーチンにおけるディレクトリトラバーサルの脆弱性 LHa for UNIX には、書庫をテストまたは解凍する際に、パスの妥当性の確認が複数の箇所において不適切であるため、ディレクトリトラバーサル攻撃を受ける脆弱性が存在します。 CVE-2004-0235 8662 CVE-2004-0235 70686 6.4 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000170.html 2004-04-30 2007-04-01 View