← voltar
CVE-2004-0235

CVE-2004-0235

EPSS 4.1%
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.htmlhttp://marc.info/?l=bugtraq&m=108422737918885&w=2https://bugzilla.fedora.us/show_bug.cgi?id=1833http://security.gentoo.org/glsa/glsa-200405-02.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/16013https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978http://www.debian.org/security/2004/dsa-515http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.htmlhttp://www.redhat.com/support/errata/RHSA-2004-178.htmlhttp://www.redhat.com/support/errata/RHSA-2004-179.html