Unrated severityNVD Advisory· Published Jun 25, 2007· Updated Apr 23, 2026

CVE-2007-3375

Description

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.

Affected products

Lhaca/File Archiver
cpe:2.3:a:lhaca:file_archiver:*:*:*:*:*:*:*:*
Range: <=1.20

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/25826nvdVendor Advisory
www.kb.cert.org/vuls/id/871497nvdUS Government Resource
vuln.sg/lhaca121-en.htmlnvd
www.securityfocus.com/bid/24604nvd
www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.htmlnvd
www.symantec.com/security_response/writeup.jspnvd
exchange.xforce.ibmcloud.com/vulnerabilities/35116nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000