Lucene search

[email protected]CVE-2007-3375

HistoryJun 25, 2007 - 8:30 p.m.

CVE-2007-3375

2007-06-2520:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-3375

stack-based buffer overflow

lhaca file archiver

lzh archive

malware

trojan.lhdropper

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.119 Low

EPSS

Percentile

95.3%

JSON

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.

Affected configurations

NVD

Node

lhacafile_archiverRange≤1.20

CPENameOperatorVersion
lhaca:file_archiverlhaca file archiverle1.20

CPE	Name	Operator	Version
lhaca:file_archiver	lhaca file archiver	le	1.20

References

secunia.com/advisories/25826

vuln.sg/lhaca121-en.html

www.kb.cert.org/vuls/id/871497

www.securityfocus.com/bid/24604

www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html

www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1

exchange.xforce.ibmcloud.com/vulnerabilities/35116

Social References

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.119 Low

EPSS

Percentile

95.3%

JSON

Related for CVE-2007-3375

nvd2 prion2 cvelist2 cert1 cve1 nessus1