github - ghsa-vpgp-fv4q-4fgr

ghsa-vpgp-fv4q-4fgr

Vulnerability from github

Published

2022-04-29 02:58

Modified

2022-04-29 02:58

Details

Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-0771"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-11-23T05:00:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.",
  "id": "GHSA-vpgp-fv4q-4fgr",
  "modified": "2022-04-29T02:58:20Z",
  "published": "2022-04-29T02:58:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0771"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16196"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9595"
    },
    {
      "type": "WEB",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=51285"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=108668791510153"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-13.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-323.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-440.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/363418"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/10354"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2004-0771

Vulnerability from cvelistv5

Published

2004-08-05 04:00

Modified

2024-08-08 00:31

Severity

Summary

References

URL	Tags
http://www.redhat.com/support/errata/RHSA-2004-323.html	vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/10354	vdb-entry, x_refsource_BID
http://bugs.gentoo.org/show_bug.cgi?id=51285	x_refsource_MISC
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9595	vdb-entry, signature, x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/16196	vdb-entry, x_refsource_XF
http://www.securityfocus.com/archive/1/363418	mailing-list, x_refsource_BUGTRAQ
https://bugzilla.fedora.us/show_bug.cgi?id=1833	vendor-advisory, x_refsource_FEDORA
http://www.gentoo.org/security/en/glsa/glsa-200409-13.xml	vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2004-440.html	vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=108668791510153	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website