[Full-disclosure] [vuln.sg] Lhaz LHA Long Filename Buffer Overflow Vulnerability

Mon Aug 7 07:27:46 BST 2006

[vuln.sg] Vulnerability Research Advisory

Lhaz LHA Long Filename Buffer Overflow Vulnerability

by Tan Chew Keong
Release Date: 2006-08-06

Summary
-------
Some vulnerabilities have been found in Lhaz. When exploited, the
vulnerabilities allow execution of arbitrary code when the user extracts
a malicious LZH archive.

Tested Version
--------------
Lhaz version 1.31 (Japanese)

Details
-------
http://vuln.sg/lhaz131-en.html