SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2015-0906

Date: (C)2015-04-16 (M)2023-12-22

Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.8
Exploit Score: 8.6
Impact Score: 4.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: PARTIAL

Reference:

JVNDB-2015-000050

http://jvn.jp/en/jp/JVN02527990/414318/index.html

http://www7a.biglobe.ne.jp/~schezo/

cpe:/a:lhaplus:lhaplus:1.55
cpe:/a:lhaplus:lhaplus:1.57
cpe:/a:lhaplus:lhaplus:1.56
cpe:/a:lhaplus:lhaplus:1.53
...

© SecPod Technologies