Vulnerability Details CVE-2015-0906
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.3%
CVSS Severity
CVSS v2 Score 5.8
References
- http://jvn.jp/en/jp/JVN02527990/414318/index.html
- http://jvn.jp/en/jp/JVN02527990/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050
- http://www7a.biglobe.ne.jp/~schezo/
- http://jvn.jp/en/jp/JVN02527990/414318/index.html
- http://jvn.jp/en/jp/JVN02527990/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000050
- http://www7a.biglobe.ne.jp/~schezo/
Products affected by CVE-2015-0906
-
cpe:2.3:a:lhaplus:lhaplus:1.52
-
cpe:2.3:a:lhaplus:lhaplus:1.53
-
cpe:2.3:a:lhaplus:lhaplus:1.55
-
cpe:2.3:a:lhaplus:lhaplus:1.56
-
cpe:2.3:a:lhaplus:lhaplus:1.57
-
cpe:2.3:a:lhaplus:lhaplus:1.59