Cisco Blogs
Share

Vulnerability Spotlight: Lhasa Integer Underflow Exploit

- March 31, 2016 - 0 Comments

Talos is disclosing the discovery of vulnerability TALOS-2016-0095 / CVE-2016-2347 in the Lhasa LZH/LHA decompression tool and library. This vulnerability is due to an integer underflow condition. The software verifies that header values are not too large, but does not check for a too small header length. Decompressing a LHA or LZH file containing an under-value header size leads to the decompression software allocating a pointer to point to released memory on the heap. An attacker controlling the length and content of such a file can use the vulnerability to overwrite the heap with arbitrary code.

Read More>>

 

Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.