NVD

Id
71195  
Name
CVE-2004-0769  
Description
Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2004-08-18  
Modified Date
2017-07-10  
Seq
2004-0769  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
367677 71195 CVE-2004-0769 http://bugs.gentoo.org/show_bug.cgi?id=51285  View
367678 71195 CVE-2004-0769 http://lw.ftw.zamosc.pl/lha-exploit.txt  View
367679 71195 CVE-2004-0769 20040616 Re: [SECURITY] [DSA 515-1] New lha packages fix several vulnerabilities; Re:  View
367680 71195 CVE-2004-0769 oval:org.mitre.oval:def:11047  View
367681 71195 CVE-2004-0769 GLSA-200409-13  View
367682 71195 CVE-2004-0769 RHSA-2004:323  View
367683 71195 CVE-2004-0769 RHSA-2004:440  View
367684 71195 CVE-2004-0769 lha-long-pathname-bo(16917)  View
367685 71195 CVE-2004-0769 FLSA:1833  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
62854 JVNDB-2004-000196 LHA におけるパス名の長さチェックを行わないことによるバッファオーバーフローの脆弱性 LHA には、.LHZ アーカイブの LHarc フォーマット 2 ヘッダのパス名の取り扱いに不備があり、バッファオーバーフローが発生する脆弱性が存在します。 CVE-2004-0769 9196 CVE-2004-0769 71195 10 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000196.html 2004-05-15 2007-04-01 View