Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
2004-08-18T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 6.4 (MEDIUM)
AV:N/AC:L/Au:N/C:P/I:P/A:N
10.0
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | clearswift | mailsweeper | 4.0 | Yes |
| Application | clearswift | mailsweeper | 4.1 | Yes |
| Application | clearswift | mailsweeper | 4.2 | Yes |
| Application | clearswift | mailsweeper | 4.3 | Yes |
| Application | clearswift | mailsweeper | 4.3.3 | Yes |
| Application | clearswift | mailsweeper | 4.3.4 | Yes |
| Application | clearswift | mailsweeper | 4.3.5 | Yes |
| Application | clearswift | mailsweeper | 4.3.6 | Yes |
| Application | clearswift | mailsweeper | 4.3.6_sp1 | Yes |
| Application | clearswift | mailsweeper | 4.3.7 | Yes |
| Application | clearswift | mailsweeper | 4.3.8 | Yes |
| Application | clearswift | mailsweeper | 4.3.10 | Yes |
| Application | clearswift | mailsweeper | 4.3.11 | Yes |
| Application | clearswift | mailsweeper | 4.3.13 | Yes |
| Application | f-secure | f-secure_anti-virus | 4.51 | Yes |
| Application | f-secure | f-secure_anti-virus | 4.51 | Yes |
| Application | f-secure | f-secure_anti-virus | 4.51 | Yes |
| Application | f-secure | f-secure_anti-virus | 4.52 | Yes |
| Application | f-secure | f-secure_anti-virus | 4.52 | Yes |
| Application | f-secure | f-secure_anti-virus | 4.52 | Yes |
| Application | f-secure | f-secure_anti-virus | 4.60 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.5 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.41 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.41 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.41 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.42 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.42 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.42 | Yes |
| Application | f-secure | f-secure_anti-virus | 5.52 | Yes |
| Application | f-secure | f-secure_anti-virus | 6.21 | Yes |
| Application | f-secure | f-secure_anti-virus | 2003 | Yes |
| Application | f-secure | f-secure_anti-virus | 2004 | Yes |
| Application | f-secure | f-secure_for_firewalls | 6.20 | Yes |
| Application | f-secure | f-secure_internet_security | 2003 | Yes |
| Application | f-secure | f-secure_internet_security | 2004 | Yes |
| Application | f-secure | f-secure_personal_express | 4.5 | Yes |
| Application | f-secure | f-secure_personal_express | 4.6 | Yes |
| Application | f-secure | f-secure_personal_express | 4.7 | Yes |
| Application | f-secure | internet_gatekeeper | 6.31 | Yes |
| Application | f-secure | internet_gatekeeper | 6.32 | Yes |
| Application | rarlab | winrar | 3.20 | Yes |
| Application | redhat | lha | 1.14i-9 | Yes |
| Application | sgi | propack | 2.4 | Yes |
| Application | sgi | propack | 3.0 | Yes |
| Application | stalker | cgpmcafee | 3.2 | Yes |
| Application | tsugio_okamoto | lha | 1.14 | Yes |
| Application | tsugio_okamoto | lha | 1.15 | Yes |
| Application | tsugio_okamoto | lha | 1.17 | Yes |
| Application | winzip | winzip | 9.0 | Yes |
| Operating System | redhat | fedora_core | core_1.0 | Yes |