本ページは lhaplus lhaplus に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2015-0907 | Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive. | [email protected] | 6.8 | 2.76% | 2015-04-15 | 2026-06-16 |
| CVE-2015-0906 | Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive. | [email protected] | 5.8 | 1.56% | 2015-04-15 | 2026-06-16 |
| CVE-2010-3158 | Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | [email protected] | 6.9 | 0.29% | 2010-10-19 | 2026-06-16 |
| CVE-2010-2368 | Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | [email protected] | 6.9 | 0.29% | 2010-10-18 | 2026-06-16 |
| CVE-2008-2021 | Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive. | [email protected] | 7.5 | 3.48% | 2008-04-30 | 2026-06-16 |
| CVE-2007-6175 | Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048. | [email protected] | 6.6 | 3.46% | 2007-11-29 | 2026-06-16 |
| CVE-2007-5048 | Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive. | [email protected] | 7.5 | 4.12% | 2007-09-23 | 2026-06-16 |
| CVE-2006-4033 | Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize. | [email protected] | 5.1 | 4.76% | 2006-08-09 | 2026-06-16 |