Описание
Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remote attackers to execute arbitrary code via an LZH LHA file with a crafted header that is not properly handled during expansion.
Ссылки
- Third Party AdvisoryVendor Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVendor Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 5.62 (включая)
cpe:2.3:a:ponsoftware:explzh:*:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05333
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-120
Связанные уязвимости
github
больше 3 лет назад
Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remote attackers to execute arbitrary code via an LZH LHA file with a crafted header that is not properly handled during expansion.
EPSS
Процентиль: 90%
0.05333
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-120