CVE-2006-4116
Summary
Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute arbitrary code via a long filename in (1) an LHZ archive, when saving the filename during extraction; and (2) an LHZ archive with an invalid CRC checksum, when constructing an error message.
- HIGH
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published