HOMEIT SecurityMeasures for Information Security VulnerabilitiesIPA/ISEC:Vulnerabilities:Security Alert for Lhaplus Vulnerability
April 28, 2008
>> JAPANESE
Information-technology Promotion Agency, Japan (IPA, Chairman Koji Nishigaki) has issued the Security Alert for Lhaplus Vulnerability on April 28, 2008.
This vulnerability allows an attacker to execute arbitrary code when a user decompresses a specially crafted file.
When exploited, an attacker could take control over the computer and, for example, execute unauthorized programs, delete files and install malicious tools such as bot software.
To fix the problem, update to the fixed version provided by the product vendor.
Lhaplus is a file compression/decompression software to reduce the size of electronic files. It supports the data compression format lzh and zip for instance. Lhaplus is vulnerable to buffer overflow due to the problem in the decompression process. When exploited, an attacker could execute arbitrary code on the computer installed with Lhaplus.
This vulnerability is different from “Security Alert for Lhaplus Vulnerability” issued on September 21, 2007 and on November 22, 2007.
For the latest information, please refer to:
http://jvndb.jvn.jp/contents/en/2008/JVNDB-2008-000022.html
The following creditee reported this vulnerability to IPA on February 13, 2008. JPCERT Coordination Center (JPCERT/CC) coordinated with the product vendors and published the vulnerability on April 28, 2008, under Information Security Early Warning Partnership.
Credit: Yuji Ukai of Fourteenforty Research Institute, Inc.
An attacker could execute unauthorized programs, delete files and install malicious tools such as bot and virus software when a user open (decompresses) a specially crafted file obtained via emails, web sites or file exchange software.
To fix the problem, update to the fixed version provided by the product vendor.
Severity Rating (CVSS base score) |
□ Low (0.0~3.9) |
■ Medium (4.0~6.9) |
□ High (7.0~10.0) |
---|---|---|---|
CVSS base score | 6.8 |
AV:Access Vector | □ Local | □ Adjacent Network |
■ Network |
---|---|---|---|
AC:Access Complexity | □ High | ■ Medium | □ Low |
Au:Authentication | □ Multiple | □ Single | ■ None |
C:Confidentiality Impact | □ None | ■ Partial | □ Complete |
I:Integrity Impact | □ None | ■ Partial | □ Complete |
A:Availability Impact | □ None | ■ Partial | □ Complete |
■:Selected Values
IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)
E-mail: