VDB
CVE-2007-3375
CVE-2007-3375
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.
EPSS 8.56% · 92.5th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
8.56%
92.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a, n/a |
| lhaca | file_archiver | 0, 0, 0 |
Timeline
- Jun 25, 2007 CVE Published
- Jul 6, 2007 VulnCheck KEV Exploitation
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html url
- VU#871497 third-party-advisory
- http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1 url
- lhaca-lzh-bo(35116) vdb
- http://vuln.sg/lhaca121-en.html url
- 24604 vdb
- 25826 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2007-3375 advisory