Vulnerability Note VU#871497

Lhaca buffer overflow vulnerability

Original Release date: 06 Jul 2007 | Last revised: 16 Jan 2009


The Lhaca archiving program contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code.


LHA is an archive file format. LHA is used by the Lhaca compression utility.

A stack buffer overflow vulnerability exists in the Lhaca program. This vulnerability occurs due to insufficient bounds checking. Note that there are reports that this vulnerability is being publicly exploited.


A remote, unauthenticated attacker may be able to execute arbitrary code, or create a denial-of-service condition.


The vendor has released Lhaca version 1.23 to address this issue. Users are encouraged to upgrade as soon as possible.

Systems Affected

Vendor | Status | Date Notified | Date Updated
lhaca | Affected | - | 06 Jul 2007
Bro | Not Affected | 05 Jul 2007 | 13 Jul 2007
Command Software Systems | Not Affected | 05 Jul 2007 | 24 Jul 2007
Computer Associates | Not Affected | 05 Jul 2007 | 16 Jan 2009
Computer Associates eTrust Security Management | Not Affected | 05 Jul 2007 | 16 Jan 2009
Debian GNU/Linux | Not Affected | 05 Jul 2007 | 31 Jul 2007
F-Secure Corporation | Not Affected | 05 Jul 2007 | 17 Jul 2007
Internet Security Systems, Inc. | Not Affected | 05 Jul 2007 | 09 Jul 2007
Microsoft Corporation | Not Affected | 05 Jul 2007 | 09 Jul 2007
Red Hat, Inc. | Not Affected | 05 Jul 2007 | 10 Jul 2007
Snort | Not Affected | 05 Jul 2007 | 06 Jul 2007
TippingPoint, Technologies, Inc. | Not Affected | 05 Jul 2007 | 06 Jul 2007
3com, Inc. | Unknown | 05 Jul 2007 | 05 Jul 2007
Aladdin Knowledge Systems | Unknown | 05 Jul 2007 | 05 Jul 2007
Apple Computer, Inc. | Unknown | 05 Jul 2007 | 05 Jul 2007

CVSS Metrics

Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A



Thanks to Lhaca, Symantec, and for information that was used in this report.

This document was written by Ryan Giobbi.

Other Information

  • CVE IDs: CVE-2007-3375
  • Date Public: 25 Jun 2007
  • Date First Published: 06 Jul 2007
  • Date Last Updated: 16 Jan 2009
  • Severity Metric: 4.02
  • Document Revision: 8

