Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clearswift mailsweeper 4.0 |
||
clearswift mailsweeper 4.1 |
||
clearswift mailsweeper 4.3.4 |
||
clearswift mailsweeper 4.3.5 |
||
f-secure f-secure anti-virus 4.51 |
||
f-secure f-secure anti-virus 5.41 |
||
f-secure f-secure anti-virus 5.42 |
||
f-secure f-secure internet security 2003 |
||
f-secure f-secure internet security 2004 |
||
sgi propack 2.4 |
||
sgi propack 3.0 |
||
clearswift mailsweeper 4.2 |
||
clearswift mailsweeper 4.3 |
||
clearswift mailsweeper 4.3.6 |
||
clearswift mailsweeper 4.3.6_sp1 |
||
clearswift mailsweeper 4.3.7 |
||
f-secure f-secure anti-virus 4.52 |
||
f-secure f-secure personal express 4.5 |
||
f-secure f-secure personal express 4.6 |
||
f-secure f-secure personal express 4.7 |
||
stalker cgpmcafee 3.2 |
||
tsugio okamoto lha 1.14 |
||
clearswift mailsweeper 4.3.10 |
||
clearswift mailsweeper 4.3.11 |
||
clearswift mailsweeper 4.3.8 |
||
f-secure f-secure anti-virus 2003 |
||
f-secure f-secure anti-virus 4.60 |
||
f-secure f-secure anti-virus 5.5 |
||
f-secure f-secure anti-virus 5.52 |
||
f-secure internet gatekeeper 6.31 |
||
f-secure internet gatekeeper 6.32 |
||
tsugio okamoto lha 1.15 |
||
tsugio okamoto lha 1.17 |
||
clearswift mailsweeper 4.3.13 |
||
clearswift mailsweeper 4.3.3 |
||
f-secure f-secure anti-virus 2004 |
||
f-secure f-secure anti-virus 6.21 |
||
f-secure f-secure for firewalls 6.20 |
||
rarlab winrar 3.20 |
||
redhat lha 1.14i-9 |
||
winzip winzip 9.0 |
||
redhat fedora core core_1.0 |