CVE-2004-0234Improper Restriction of Operations within the Bounds of a Memory Buffer in Mailsweeper

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources
Severity
10.0CRITICALNVD
EPSS
8.5%
top 7.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
Clearswift MailsweeperF-secure Anti-virusF-secure FOR Firewalls+10 more
Timeline
PublishedAug 18
Latest updateApr 29

Description

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages13 packages

NVDredhat/lha1.14i-9
NVDsgi/propack2.4, 3.0+1
NVDrarlab/winrar3.20
NVDwinzip/winzip9.0

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-w979-wcrr-7whw: Multiple stack-based buffer overflows in the get_header function in header2022-04-29
CVEList
CVE-2004-0234: Multiple stack-based buffer overflows in the get_header function in header2004-05-05

💥Exploits & PoCs

1
Exploit-DB
LHA 1.x - Remote Buffer Overflow / Directory Traversal2004-04-30

📋Vendor Advisories

2
Red Hat
lhaca issue might affect lha packages2007-07-01
Red Hat
security flaw2004-05-01

💬Community

2
Bugzilla
CVE-2004-0234 security flaw2018-08-16
Bugzilla
CVE-2007-3375 lhaca issue might affect lha packages2007-07-10
CVE-2004-0234 — Clearswift Mailsweeper vulnerability | cvebase