Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lhaplus | Lhaplus | * | 1.57 (including) |
| Lhaplus | Lhaplus | 1.52 (including) | 1.52 (including) |
| Lhaplus | Lhaplus | 1.53 (including) | 1.53 (including) |
| Lhaplus | Lhaplus | 1.55 (including) | 1.55 (including) |
| Lhaplus | Lhaplus | 1.56 (including) | 1.56 (including) |
References
- http://jvn.jp/jp/JVN18774708/index.html
- http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html
- http://secunia.com/advisories/41742
- http://www7a.biglobe.ne.jp/~schezo/dll_vul.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64436
- http://jvn.jp/jp/JVN18774708/index.html
- http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000039.html
- http://secunia.com/advisories/41742
- http://www7a.biglobe.ne.jp/~schezo/dll_vul.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64436