Secunia
Login
|
|
CVE Reference: CVE-2004-0771 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-0771 |
|
|
Description: Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/16196 REDHAT http://www.redhat.com/support/errata/RHSA-2004-440.html http://www.redhat.com/support/errata/RHSA-2004-323.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9595 MISC http://bugs.gentoo.org/show_bug.cgi?id=51285 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200409-13.xml FEDORA BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=108668791510153 http://www.securityfocus.com/archive/1/363418 BID 10354 |
|
| Return to the previous page. |
