Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2004-0235

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

  • Published: Aug 18, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-0235
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.4
  • AV:N/AC:L/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
clearswift / mailsweeper 4.3 4.3.x
clearswift / mailsweeper 4.3.6 4.3.6.x
f-secure / f-secure_anti-virus 5.42 5.42.x
clearswift / mailsweeper 4.0 4.0.x
tsugio_okamoto / lha 1.17 1.17.x
f-secure / f-secure_anti-virus 5.41 5.41.x
f-secure / internet_gatekeeper 6.32 6.32.x
f-secure / f-secure_internet_security 2003 2003.x
sgi / propack 3.0 3.0.x
rarlab / winrar 3.20 3.20.x
f-secure / f-secure_anti-virus 5.5 5.5.x
clearswift / mailsweeper 4.3.4 4.3.4.x
f-secure / f-secure_personal_express 4.6 4.6.x
clearswift / mailsweeper 4.2 4.2.x
f-secure / f-secure_anti-virus 4.52 4.52.x
clearswift / mailsweeper 4.3.7 4.3.7.x
f-secure / f-secure_personal_express 4.7 4.7.x
f-secure / f-secure_for_firewalls 6.20 6.20.x
f-secure / f-secure_anti-virus 4.51 4.51.x
tsugio_okamoto / lha 1.15 1.15.x
f-secure / f-secure_personal_express 4.5 4.5.x
f-secure / f-secure_anti-virus 5.52 5.52.x
f-secure / f-secure_anti-virus 2004 2004.x
winzip / winzip 9.0 9.0.x
clearswift / mailsweeper 4.3.3 4.3.3.x
tsugio_okamoto / lha 1.14 1.14.x
clearswift / mailsweeper 4.3.11 4.3.11.x
f-secure / f-secure_internet_security 2004 2004.x
f-secure / f-secure_anti-virus 6.21 6.21.x
clearswift / mailsweeper 4.3.13 4.3.13.x
f-secure / f-secure_anti-virus 2003 2003.x
sgi / propack 2.4 2.4.x
stalker / cgpmcafee 3.2 3.2.x
clearswift / mailsweeper 4.3.5 4.3.5.x
clearswift / mailsweeper 4.1 4.1.x
f-secure / internet_gatekeeper 6.31 6.31.x
f-secure / f-secure_anti-virus 4.60 4.60.x
clearswift / mailsweeper 4.3.6_sp1 4.3.6_sp1.x
redhat / lha 1.14i-9 1.14i-9.x
clearswift / mailsweeper 4.3.8 4.3.8.x
clearswift / mailsweeper 4.3.10 4.3.10.x
redhat / fedora_core core_1.0 core_1.0.x