Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
clearswift mailsweeper 4.3.13 |
||
clearswift mailsweeper 4.3.3 |
||
clearswift mailsweeper 4.3.4 |
||
f-secure f-secure anti-virus 2004 |
||
f-secure f-secure anti-virus 4.51 |
||
f-secure f-secure anti-virus 5.41 |
||
f-secure f-secure for firewalls 6.20 |
||
f-secure f-secure internet security 2003 |
||
rarlab winrar 3.20 |
||
redhat lha 1.14i-9 |
||
winzip winzip 9.0 |
||
clearswift mailsweeper 4.0 |
||
clearswift mailsweeper 4.1 |
||
clearswift mailsweeper 4.3.5 |
||
clearswift mailsweeper 4.3.6 |
||
f-secure f-secure anti-virus 5.42 |
||
f-secure f-secure internet security 2004 |
||
f-secure f-secure personal express 4.5 |
||
sgi propack 2.4 |
||
sgi propack 3.0 |
||
clearswift mailsweeper 4.2 |
||
clearswift mailsweeper 4.3 |
||
clearswift mailsweeper 4.3.6_sp1 |
||
clearswift mailsweeper 4.3.7 |
||
f-secure f-secure anti-virus 4.52 |
||
f-secure f-secure personal express 4.6 |
||
f-secure f-secure personal express 4.7 |
||
stalker cgpmcafee 3.2 |
||
tsugio okamoto lha 1.14 |
||
clearswift mailsweeper 4.3.10 |
||
clearswift mailsweeper 4.3.11 |
||
clearswift mailsweeper 4.3.8 |
||
f-secure f-secure anti-virus 2003 |
||
f-secure f-secure anti-virus 4.60 |
||
f-secure f-secure anti-virus 5.5 |
||
f-secure f-secure anti-virus 5.52 |
||
f-secure f-secure anti-virus 6.21 |
||
f-secure internet gatekeeper 6.31 |
||
f-secure internet gatekeeper 6.32 |
||
tsugio okamoto lha 1.15 |
||
tsugio okamoto lha 1.17 |
||
redhat fedora core core_1.0 |
Vulmon