Lucene search

[email protected]CVE-2004-0235

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2004-0235

2004-08-1804:00:00

[email protected]

web.nvd.nist.gov

lha

directory traversal

vulnerability

file creation

nvd

cve-2004-0235

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.4%

JSON

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) … sequences or (2) absolute pathnames with double leading slashes (“//absolute/path”).

Affected configurations

NVD

Node

clearswiftmailsweeperMatch4.0

clearswiftmailsweeperMatch4.1

clearswiftmailsweeperMatch4.2

clearswiftmailsweeperMatch4.3

clearswiftmailsweeperMatch4.3.3

clearswiftmailsweeperMatch4.3.4

clearswiftmailsweeperMatch4.3.5

clearswiftmailsweeperMatch4.3.6

clearswiftmailsweeperMatch4.3.6_sp1

clearswiftmailsweeperMatch4.3.7

clearswiftmailsweeperMatch4.3.8

clearswiftmailsweeperMatch4.3.10

clearswiftmailsweeperMatch4.3.11

clearswiftmailsweeperMatch4.3.13

f-securef-secure_anti-virusMatch4.51linux_gateways

f-securef-secure_anti-virusMatch4.51linux_servers

f-securef-secure_anti-virusMatch4.51linux_workstations

f-securef-secure_anti-virusMatch4.52linux_gateways

f-securef-secure_anti-virusMatch4.52linux_servers

f-securef-secure_anti-virusMatch4.52linux_workstations

f-securef-secure_anti-virusMatch4.60samba_servers

f-securef-secure_anti-virusMatch5.5client_security

f-securef-secure_anti-virusMatch5.41mimesweeper

f-securef-secure_anti-virusMatch5.41windows_servers

f-securef-secure_anti-virusMatch5.41workstations

f-securef-secure_anti-virusMatch5.42mimesweeper

f-securef-secure_anti-virusMatch5.42windows_servers

f-securef-secure_anti-virusMatch5.42workstations

f-securef-secure_anti-virusMatch5.52client_security

f-securef-secure_anti-virusMatch6.21ms_exchange

f-securef-secure_anti-virusMatch2003

f-securef-secure_anti-virusMatch2004

f-securef-secure_for_firewallsMatch6.20

f-securef-secure_internet_securityMatch2003

f-securef-secure_internet_securityMatch2004

f-securef-secure_personal_expressMatch4.5

f-securef-secure_personal_expressMatch4.6

f-securef-secure_personal_expressMatch4.7

f-secureinternet_gatekeeperMatch6.31

f-secureinternet_gatekeeperMatch6.32

rarlabwinrarMatch3.20

redhatlhaMatch1.14i-9i386

sgipropackMatch2.4

sgipropackMatch3.0

stalkercgpmcafeeMatch3.2

tsugio_okamotolhaMatch1.14

tsugio_okamotolhaMatch1.15

tsugio_okamotolhaMatch1.17

winzipwinzipMatch9.0

Node

redhatfedora_coreMatchcore_1.0

CPENameOperatorVersion
clearswift:mailsweeperclearswift mailsweepereq4.0
clearswift:mailsweeperclearswift mailsweepereq4.1
clearswift:mailsweeperclearswift mailsweepereq4.2
clearswift:mailsweeperclearswift mailsweepereq4.3
clearswift:mailsweeperclearswift mailsweepereq4.3.3
clearswift:mailsweeperclearswift mailsweepereq4.3.4
clearswift:mailsweeperclearswift mailsweepereq4.3.5
clearswift:mailsweeperclearswift mailsweepereq4.3.6
clearswift:mailsweeperclearswift mailsweepereq4.3.6_sp1
clearswift:mailsweeperclearswift mailsweepereq4.3.7

CPE	Name	Operator	Version
clearswift:mailsweeper	clearswift mailsweeper	eq	4.0
clearswift:mailsweeper	clearswift mailsweeper	eq	4.1
clearswift:mailsweeper	clearswift mailsweeper	eq	4.2
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.3
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.4
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.5
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.6
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.6_sp1
clearswift:mailsweeper	clearswift mailsweeper	eq	4.3.7