CVE-2017-2158

Sažetak

Improper verification when expanding ZIP64 archives in Lhaplus versions 1.73 and earlier may lead to unintended contents to be extracted from a specially crafted ZIP64 archive.

Reference

http://www7a.biglobe.ne.jp/~schezo/JVN57842148.html
https://jvn.jp/en/jp/JVN57842148/index.html

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

02-02-2018 - 18:22

Objavljeno

12-01-2018 - 14:29