Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Sep 24, 2007· Updated Apr 23, 2026

CVE-2007-5048

CVE-2007-5048

Description

Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive.

Affected products

2

Lhaplus/Lhaplus2 versions
cpe:2.3:a:lhaplus:lhaplus:1.52:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:lhaplus:lhaplus:1.52:*:*:*:*:*:*:*
- cpe:2.3:a:lhaplus:lhaplus:1.53:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

secunia.com/advisories/26907nvdPatchVendor Advisory
www.securityfocus.com/bid/25754nvdPatch
www.fourteenforty.jp/research/advisory.cginvdExploit
jvn.jp/jp/JVN%2370734805/index.htmlnvd
osvdb.org/40582nvd
www7a.biglobe.ne.jp/~schezo/arj_vul.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/36718nvd

News mentions

0

No linked articles in our index yet.