CyberSec.Space Logo
CVEブラウザに戻る

CVE-2004-0234

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile19.99th
Published2004年8月18日
Last Modified2026年4月16日

Vulnerability Description

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

Affected Platforms (CPE)

📦
Clearswift

Mailsweeper

= 4.0
📦
Clearswift

Mailsweeper

= 4.1
📦
Clearswift

Mailsweeper

= 4.2
📦
Clearswift

Mailsweeper

= 4.3
📦
Clearswift

Mailsweeper

= 4.3.3
📦
Clearswift

Mailsweeper

= 4.3.4
📦
Clearswift

Mailsweeper

= 4.3.5
📦
Clearswift

Mailsweeper

= 4.3.6
📦
Clearswift

Mailsweeper

= 4.3.6_sp1
📦
Clearswift

Mailsweeper

= 4.3.7
📦
Clearswift

Mailsweeper

= 4.3.8
📦
Clearswift

Mailsweeper

= 4.3.10
📦
Clearswift

Mailsweeper

= 4.3.11
📦
Clearswift

Mailsweeper

= 4.3.13
📦
F Secure

F Secure Anti Virus

= 4.51
📦
F Secure

F Secure Anti Virus

= 4.51
📦
F Secure

F Secure Anti Virus

= 4.51
📦
F Secure

F Secure Anti Virus

= 4.52
📦
F Secure

F Secure Anti Virus

= 4.52
📦
F Secure

F Secure Anti Virus

= 4.52
📦
F Secure

F Secure Anti Virus

= 4.60
📦
F Secure

F Secure Anti Virus

= 5.5
📦
F Secure

F Secure Anti Virus

= 5.41
📦
F Secure

F Secure Anti Virus

= 5.41
📦
F Secure

F Secure Anti Virus

= 5.41
📦
F Secure

F Secure Anti Virus

= 5.42
📦
F Secure

F Secure Anti Virus

= 5.42
📦
F Secure

F Secure Anti Virus

= 5.42
📦
F Secure

F Secure Anti Virus

= 5.52
📦
F Secure

F Secure Anti Virus

= 6.21
📦
F Secure

F Secure Anti Virus

= 2003
📦
F Secure

F Secure Anti Virus

= 2004
📦
F Secure

F Secure For Firewalls

= 6.20
📦
F Secure

F Secure Internet Security

= 2003
📦
F Secure

F Secure Internet Security

= 2004
📦
F Secure

F Secure Personal Express

= 4.5
📦
F Secure

F Secure Personal Express

= 4.6
📦
F Secure

F Secure Personal Express

= 4.7
📦
F Secure

Internet Gatekeeper

= 6.31
📦
F Secure

Internet Gatekeeper

= 6.32
📦
Rarlab

Winrar

= 3.20
📦
Redhat

Lha

= 1.14i-9
📦
Sgi

Propack

= 2.4
📦
Sgi

Propack

= 3.0
📦
Stalker

Cgpmcafee

= 3.2
📦
Tsugio Okamoto

Lha

= 1.14
📦
Tsugio Okamoto

Lha

= 1.15
📦
Tsugio Okamoto

Lha

= 1.17
📦
Winzip

Winzip

= 9.0
💻
Redhat

Fedora Core

= core_1.0

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html
🔗 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html
🔗 http://marc.info/?l=bugtraq&m=108422737918885&w=2
🔗 http://secunia.com/advisories/19514
🔗 http://security.gentoo.org/glsa/glsa-200405-02.xml
🔗 http://securitytracker.com/id?1015866

関連する脆弱性情報

CVE-2003-14777.8

MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attac...

CVE-2003-01217.5

Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-V...

CVE-2003-11547.5

MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as...

CVE-2001-15817.5

The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote attackers to bypass e-mail attachment filtering poli...