Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-08-05T04:00:00
Updated: 2017-10-10T00:57:01
Reserved: 2004-08-04T00:00:00
Link: CVE-2004-0771
JSON object: View
NVD Information
Status : Modified
Published: 2004-11-23T05:00:00.000
Modified: 2017-10-11T01:29:33.170
Link: CVE-2004-0771
JSON object: View
Redhat Information
No data.
CWE