VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-2434
explzh: Buffer overflow in Arcext.dll 2.16.1 and earlier in...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2434

Original

Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remote attackers to execute arbitrary code via an LZH LHA file with a crafted header that is not properly handled during expansion.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-06-25
Source Information Category:
Advisory, Alert
Last Updated:
2010-06-28




Affected Product Tags
cpe:/a:ponsoftware:explzh:1.00
cpe:/a:ponsoftware:explzh:1.08
cpe:/a:ponsoftware:explzh:2.00
cpe:/a:ponsoftware:explzh:2.01
cpe:/a:ponsoftware:explzh:2.03
cpe:/a:ponsoftware:explzh:2.04
cpe:/a:ponsoftware:explzh:2.05
cpe:/a:ponsoftware:explzh:2.06
cpe:/a:ponsoftware:explzh:2.07
cpe:/a:ponsoftware:explzh:2.08
cpe:/a:ponsoftware:explzh:2.09
cpe:/a:ponsoftware:explzh:2.10
cpe:/a:ponsoftware:explzh:2.11
cpe:/a:ponsoftware:explzh:2.12
cpe:/a:ponsoftware:explzh:2.12a
cpe:/a:ponsoftware:explzh:2.12b
cpe:/a:ponsoftware:explzh:2.13
cpe:/a:ponsoftware:explzh:2.14
cpe:/a:ponsoftware:explzh:2.15
cpe:/a:ponsoftware:explzh:2.16
cpe:/a:ponsoftware:explzh:2.16a
cpe:/a:ponsoftware:explzh:2.17
cpe:/a:ponsoftware:explzh:2.17a
cpe:/a:ponsoftware:explzh:2.18
cpe:/a:ponsoftware:explzh:2.19
cpe:/a:ponsoftware:explzh:2.20
cpe:/a:ponsoftware:explzh:2.21
cpe:/a:ponsoftware:explzh:2.22
cpe:/a:ponsoftware:explzh:2.23
cpe:/a:ponsoftware:explzh:2.23a
cpe:/a:ponsoftware:explzh:2.24
cpe:/a:ponsoftware:explzh:2.25
cpe:/a:ponsoftware:explzh:2.26
cpe:/a:ponsoftware:explzh:2.27
cpe:/a:ponsoftware:explzh:2.27b
cpe:/a:ponsoftware:explzh:2.28
cpe:/a:ponsoftware:explzh:2.29
cpe:/a:ponsoftware:explzh:2.30
cpe:/a:ponsoftware:explzh:2.31
cpe:/a:ponsoftware:explzh:2.32
cpe:/a:ponsoftware:explzh:2.33
cpe:/a:ponsoftware:explzh:2.34
cpe:/a:ponsoftware:explzh:2.34a
cpe:/a:ponsoftware:explzh:2.34b
cpe:/a:ponsoftware:explzh:2.35
cpe:/a:ponsoftware:explzh:2.35a
cpe:/a:ponsoftware:explzh:2.35b
cpe:/a:ponsoftware:explzh:2.36
cpe:/a:ponsoftware:explzh:2.37
cpe:/a:ponsoftware:explzh:2.37a
cpe:/a:ponsoftware:explzh:2.37b
cpe:/a:ponsoftware:explzh:2.38
cpe:/a:ponsoftware:explzh:2.39
cpe:/a:ponsoftware:explzh:2.40
cpe:/a:ponsoftware:explzh:2.40a
cpe:/a:ponsoftware:explzh:2.41
cpe:/a:ponsoftware:explzh:2.42
cpe:/a:ponsoftware:explzh:2.42a
cpe:/a:ponsoftware:explzh:2.43
cpe:/a:ponsoftware:explzh:2.44
cpe:/a:ponsoftware:explzh:2.45
cpe:/a:ponsoftware:explzh:2.46
cpe:/a:ponsoftware:explzh:2.47
cpe:/a:ponsoftware:explzh:2.47s
cpe:/a:ponsoftware:explzh:2.48
cpe:/a:ponsoftware:explzh:2.49
cpe:/a:ponsoftware:explzh:2.49a
cpe:/a:ponsoftware:explzh:2.49b
cpe:/a:ponsoftware:explzh:2.50
cpe:/a:ponsoftware:explzh:2.60
cpe:/a:ponsoftware:explzh:2.60a
cpe:/a:ponsoftware:explzh:2.61
cpe:/a:ponsoftware:explzh:2.62
cpe:/a:ponsoftware:explzh:2.63
cpe:/a:ponsoftware:explzh:2.63a
cpe:/a:ponsoftware:explzh:2.64
cpe:/a:ponsoftware:explzh:2.65
cpe:/a:ponsoftware:explzh:2.66
cpe:/a:ponsoftware:explzh:2.66a
cpe:/a:ponsoftware:explzh:2.67
cpe:/a:ponsoftware:explzh:2.67a
cpe:/a:ponsoftware:explzh:2.68
cpe:/a:ponsoftware:explzh:2.69
cpe:/a:ponsoftware:explzh:2.69a
cpe:/a:ponsoftware:explzh:2.70
cpe:/a:ponsoftware:explzh:2.71
cpe:/a:ponsoftware:explzh:2.72
cpe:/a:ponsoftware:explzh:2.73
cpe:/a:ponsoftware:explzh:2.74
cpe:/a:ponsoftware:explzh:2.74a
cpe:/a:ponsoftware:explzh:2.74c
cpe:/a:ponsoftware:explzh:2.75
cpe:/a:ponsoftware:explzh:2.76
cpe:/a:ponsoftware:explzh:2.77
cpe:/a:ponsoftware:explzh:2.77a
cpe:/a:ponsoftware:explzh:2.77b
cpe:/a:ponsoftware:explzh:2.78
cpe:/a:ponsoftware:explzh:2.79
cpe:/a:ponsoftware:explzh:2.79_%28a_%2F_b%29::public
cpe:/a:ponsoftware:explzh:2.79a
cpe:/a:ponsoftware:explzh:2.80
cpe:/a:ponsoftware:explzh:2.81
cpe:/a:ponsoftware:explzh:2.82
cpe:/a:ponsoftware:explzh:2.83
cpe:/a:ponsoftware:explzh:2.84
cpe:/a:ponsoftware:explzh:2.85
cpe:/a:ponsoftware:explzh:2.86
cpe:/a:ponsoftware:explzh:2.87
cpe:/a:ponsoftware:explzh:2.87a
cpe:/a:ponsoftware:explzh:2.88
cpe:/a:ponsoftware:explzh:2.89
cpe:/a:ponsoftware:explzh:2.90
cpe:/a:ponsoftware:explzh:2.91
cpe:/a:ponsoftware:explzh:2.92
cpe:/a:ponsoftware:explzh:2.93:1
cpe:/a:ponsoftware:explzh:2.93:2
cpe:/a:ponsoftware:explzh:2.94
cpe:/a:ponsoftware:explzh:2.95
cpe:/a:ponsoftware:explzh:2.96
cpe:/a:ponsoftware:explzh:2.97
cpe:/a:ponsoftware:explzh:2.97a
cpe:/a:ponsoftware:explzh:2.97b
cpe:/a:ponsoftware:explzh:2.98
cpe:/a:ponsoftware:explzh:2.98a_%28b%29:public
cpe:/a:ponsoftware:explzh:2.99
cpe:/a:ponsoftware:explzh:3.00
cpe:/a:ponsoftware:explzh:3.01
cpe:/a:ponsoftware:explzh:3.01a
cpe:/a:ponsoftware:explzh:3.01b
cpe:/a:ponsoftware:explzh:3.02
cpe:/a:ponsoftware:explzh:3.03
cpe:/a:ponsoftware:explzh:3.03a
cpe:/a:ponsoftware:explzh:3.03b
cpe:/a:ponsoftware:explzh:3.04
cpe:/a:ponsoftware:explzh:3.05
cpe:/a:ponsoftware:explzh:3.05a
cpe:/a:ponsoftware:explzh:3.06
cpe:/a:ponsoftware:explzh:3.07
cpe:/a:ponsoftware:explzh:3.08
cpe:/a:ponsoftware:explzh:3.09
cpe:/a:ponsoftware:explzh:3.10
cpe:/a:ponsoftware:explzh:3.11
cpe:/a:ponsoftware:explzh:3.12
cpe:/a:ponsoftware:explzh:3.12:beta
cpe:/a:ponsoftware:explzh:3.13
cpe:/a:ponsoftware:explzh:3.13:beta
cpe:/a:ponsoftware:explzh:3.14
cpe:/a:ponsoftware:explzh:3.14a
cpe:/a:ponsoftware:explzh:3.15:beta
cpe:/a:ponsoftware:explzh:3.15:beta2
cpe:/a:ponsoftware:explzh:3.15:beta3
cpe:/a:ponsoftware:explzh:3.16
cpe:/a:ponsoftware:explzh:3.16a
cpe:/a:ponsoftware:explzh:3.16b
cpe:/a:ponsoftware:explzh:3.16c
cpe:/a:ponsoftware:explzh:3.17
cpe:/a:ponsoftware:explzh:3.17a
cpe:/a:ponsoftware:explzh:3.17b
cpe:/a:ponsoftware:explzh:3.18
cpe:/a:ponsoftware:explzh:3.18a
cpe:/a:ponsoftware:explzh:3.18b
cpe:/a:ponsoftware:explzh:3.18c
cpe:/a:ponsoftware:explzh:3.19
cpe:/a:ponsoftware:explzh:3.19a
cpe:/a:ponsoftware:explzh:3.20
cpe:/a:ponsoftware:explzh:3.21
cpe:/a:ponsoftware:explzh:3.22
cpe:/a:ponsoftware:explzh:3.22a
cpe:/a:ponsoftware:explzh:3.23
cpe:/a:ponsoftware:explzh:3.23a
cpe:/a:ponsoftware:explzh:3.24
cpe:/a:ponsoftware:explzh:3.25
cpe:/a:ponsoftware:explzh:3.26
cpe:/a:ponsoftware:explzh:3.26a
cpe:/a:ponsoftware:explzh:3.27
cpe:/a:ponsoftware:explzh:3.28
cpe:/a:ponsoftware:explzh:3.29
cpe:/a:ponsoftware:explzh:3.30
cpe:/a:ponsoftware:explzh:3.30a:beta
cpe:/a:ponsoftware:explzh:3.31
cpe:/a:ponsoftware:explzh:3.32
cpe:/a:ponsoftware:explzh:3.33
cpe:/a:ponsoftware:explzh:3.33a:beta
cpe:/a:ponsoftware:explzh:3.34
cpe:/a:ponsoftware:explzh:3.35
cpe:/a:ponsoftware:explzh:3.36
cpe:/a:ponsoftware:explzh:3.36a
cpe:/a:ponsoftware:explzh:3.36b:beta
cpe:/a:ponsoftware:explzh:3.37
cpe:/a:ponsoftware:explzh:3.38
cpe:/a:ponsoftware:explzh:3.39
cpe:/a:ponsoftware:explzh:3.40
cpe:/a:ponsoftware:explzh:3.41
cpe:/a:ponsoftware:explzh:3.42
cpe:/a:ponsoftware:explzh:3.42b:beta
cpe:/a:ponsoftware:explzh:3.43
cpe:/a:ponsoftware:explzh:3.44
cpe:/a:ponsoftware:explzh:3.44a:beta
cpe:/a:ponsoftware:explzh:3.44b:beta
cpe:/a:ponsoftware:explzh:3.45
cpe:/a:ponsoftware:explzh:3.46
cpe:/a:ponsoftware:explzh:3.47
cpe:/a:ponsoftware:explzh:3.48
cpe:/a:ponsoftware:explzh:3.48b:beta
cpe:/a:ponsoftware:explzh:3.49
cpe:/a:ponsoftware:explzh:3.50
cpe:/a:ponsoftware:explzh:3.51
cpe:/a:ponsoftware:explzh:3.52
cpe:/a:ponsoftware:explzh:3.53
cpe:/a:ponsoftware:explzh:3.54
cpe:/a:ponsoftware:explzh:3.54a
cpe:/a:ponsoftware:explzh:3.54b
cpe:/a:ponsoftware:explzh:3.54b:beta
cpe:/a:ponsoftware:explzh:3.55
cpe:/a:ponsoftware:explzh:3.56
cpe:/a:ponsoftware:explzh:3.56b
cpe:/a:ponsoftware:explzh:3.56c
cpe:/a:ponsoftware:explzh:3.57
cpe:/a:ponsoftware:explzh:3.57a:beta
cpe:/a:ponsoftware:explzh:3.58
cpe:/a:ponsoftware:explzh:3.58a:beta
cpe:/a:ponsoftware:explzh:3.58c:beta
cpe:/a:ponsoftware:explzh:3.58d:beta
cpe:/a:ponsoftware:explzh:3.59
cpe:/a:ponsoftware:explzh:3.60
cpe:/a:ponsoftware:explzh:3.61
cpe:/a:ponsoftware:explzh:3.61a
cpe:/a:ponsoftware:explzh:3.62
cpe:/a:ponsoftware:explzh:3.63
cpe:/a:ponsoftware:explzh:3.64
cpe:/a:ponsoftware:explzh:3.65
cpe:/a:ponsoftware:explzh:3.66
cpe:/a:ponsoftware:explzh:3.67
cpe:/a:ponsoftware:explzh:3.68
cpe:/a:ponsoftware:explzh:3.69
cpe:/a:ponsoftware:explzh:3.70
cpe:/a:ponsoftware:explzh:3.71
cpe:/a:ponsoftware:explzh:3.72
cpe:/a:ponsoftware:explzh:3.73
cpe:/a:ponsoftware:explzh:3.74
cpe:/a:ponsoftware:explzh:3.75
cpe:/a:ponsoftware:explzh:3.76
cpe:/a:ponsoftware:explzh:3.77
cpe:/a:ponsoftware:explzh:3.78
cpe:/a:ponsoftware:explzh:3.79
cpe:/a:ponsoftware:explzh:3.80
cpe:/a:ponsoftware:explzh:3.81
cpe:/a:ponsoftware:explzh:3.82
cpe:/a:ponsoftware:explzh:3.83
cpe:/a:ponsoftware:explzh:3.84
cpe:/a:ponsoftware:explzh:3.85
cpe:/a:ponsoftware:explzh:3.86
cpe:/a:ponsoftware:explzh:3.87
cpe:/a:ponsoftware:explzh:3.88
cpe:/a:ponsoftware:explzh:3.89
cpe:/a:ponsoftware:explzh:3.90
cpe:/a:ponsoftware:explzh:3.91
cpe:/a:ponsoftware:explzh:3.92
cpe:/a:ponsoftware:explzh:3.93
cpe:/a:ponsoftware:explzh:3.94
cpe:/a:ponsoftware:explzh:3.95
cpe:/a:ponsoftware:explzh:3.96
cpe:/a:ponsoftware:explzh:3.97
cpe:/a:ponsoftware:explzh:3.98
cpe:/a:ponsoftware:explzh:3.99
cpe:/a:ponsoftware:explzh:4.00
cpe:/a:ponsoftware:explzh:4.01
cpe:/a:ponsoftware:explzh:4.02
cpe:/a:ponsoftware:explzh:4.03
cpe:/a:ponsoftware:explzh:4.04
cpe:/a:ponsoftware:explzh:4.05
cpe:/a:ponsoftware:explzh:4.06
cpe:/a:ponsoftware:explzh:4.07
cpe:/a:ponsoftware:explzh:4.08
cpe:/a:ponsoftware:explzh:4.09
cpe:/a:ponsoftware:explzh:4.10
cpe:/a:ponsoftware:explzh:4.11
cpe:/a:ponsoftware:explzh:4.12
cpe:/a:ponsoftware:explzh:4.13
cpe:/a:ponsoftware:explzh:4.14
cpe:/a:ponsoftware:explzh:4.15
cpe:/a:ponsoftware:explzh:4.16
cpe:/a:ponsoftware:explzh:4.17
cpe:/a:ponsoftware:explzh:4.18
cpe:/a:ponsoftware:explzh:4.19
cpe:/a:ponsoftware:explzh:4.20
cpe:/a:ponsoftware:explzh:4.20:public_beta:-:english
cpe:/a:ponsoftware:explzh:4.21
cpe:/a:ponsoftware:explzh:4.22
cpe:/a:ponsoftware:explzh:4.23
cpe:/a:ponsoftware:explzh:4.24
cpe:/a:ponsoftware:explzh:4.25
cpe:/a:ponsoftware:explzh:4.26
cpe:/a:ponsoftware:explzh:4.27
cpe:/a:ponsoftware:explzh:4.28
cpe:/a:ponsoftware:explzh:4.29
cpe:/a:ponsoftware:explzh:4.30
cpe:/a:ponsoftware:explzh:4.31
cpe:/a:ponsoftware:explzh:4.32
cpe:/a:ponsoftware:explzh:4.33
cpe:/a:ponsoftware:explzh:4.34
cpe:/a:ponsoftware:explzh:4.35
cpe:/a:ponsoftware:explzh:4.36
cpe:/a:ponsoftware:explzh:4.37
cpe:/a:ponsoftware:explzh:4.38
cpe:/a:ponsoftware:explzh:4.39
cpe:/a:ponsoftware:explzh:4.40
cpe:/a:ponsoftware:explzh:4.41
cpe:/a:ponsoftware:explzh:4.42
cpe:/a:ponsoftware:explzh:4.43
cpe:/a:ponsoftware:explzh:4.44
cpe:/a:ponsoftware:explzh:4.45
cpe:/a:ponsoftware:explzh:4.46
cpe:/a:ponsoftware:explzh:4.47
cpe:/a:ponsoftware:explzh:4.48
cpe:/a:ponsoftware:explzh:4.49
cpe:/a:ponsoftware:explzh:4.51
cpe:/a:ponsoftware:explzh:4.52
cpe:/a:ponsoftware:explzh:4.53
cpe:/a:ponsoftware:explzh:4.54
cpe:/a:ponsoftware:explzh:4.55
cpe:/a:ponsoftware:explzh:4.56
cpe:/a:ponsoftware:explzh:4.57
cpe:/a:ponsoftware:explzh:4.58
cpe:/a:ponsoftware:explzh:4.59
cpe:/a:ponsoftware:explzh:4.60
cpe:/a:ponsoftware:explzh:4.61
cpe:/a:ponsoftware:explzh:4.62
cpe:/a:ponsoftware:explzh:4.63
cpe:/a:ponsoftware:explzh:4.64
cpe:/a:ponsoftware:explzh:4.65
cpe:/a:ponsoftware:explzh:4.66
cpe:/a:ponsoftware:explzh:4.67
cpe:/a:ponsoftware:explzh:4.68
cpe:/a:ponsoftware:explzh:4.69
cpe:/a:ponsoftware:explzh:4.70
cpe:/a:ponsoftware:explzh:4.71
cpe:/a:ponsoftware:explzh:4.72
cpe:/a:ponsoftware:explzh:4.73
cpe:/a:ponsoftware:explzh:4.74
cpe:/a:ponsoftware:explzh:4.75
cpe:/a:ponsoftware:explzh:4.76
cpe:/a:ponsoftware:explzh:4.77
cpe:/a:ponsoftware:explzh:4.78
cpe:/a:ponsoftware:explzh:4.79
cpe:/a:ponsoftware:explzh:4.80
cpe:/a:ponsoftware:explzh:4.81
cpe:/a:ponsoftware:explzh:4.82
cpe:/a:ponsoftware:explzh:4.90
cpe:/a:ponsoftware:explzh:4.91
cpe:/a:ponsoftware:explzh:4.92
cpe:/a:ponsoftware:explzh:4.93
cpe:/a:ponsoftware:explzh:4.94
cpe:/a:ponsoftware:explzh:4.95
cpe:/a:ponsoftware:explzh:4.96
cpe:/a:ponsoftware:explzh:4.97
cpe:/a:ponsoftware:explzh:4.98
cpe:/a:ponsoftware:explzh:4.99
cpe:/a:ponsoftware:explzh:4.99.2
cpe:/a:ponsoftware:explzh:5.01
cpe:/a:ponsoftware:explzh:5.02
cpe:/a:ponsoftware:explzh:5.03
cpe:/a:ponsoftware:explzh:5.04
cpe:/a:ponsoftware:explzh:5.05
cpe:/a:ponsoftware:explzh:5.06
cpe:/a:ponsoftware:explzh:5.07
cpe:/a:ponsoftware:explzh:5.08
cpe:/a:ponsoftware:explzh:5.09
cpe:/a:ponsoftware:explzh:5.10
cpe:/a:ponsoftware:explzh:5.11
cpe:/a:ponsoftware:explzh:5.12
cpe:/a:ponsoftware:explzh:5.13
cpe:/a:ponsoftware:explzh:5.14
cpe:/a:ponsoftware:explzh:5.15
cpe:/a:ponsoftware:explzh:5.16
cpe:/a:ponsoftware:explzh:5.17
cpe:/a:ponsoftware:explzh:5.20
cpe:/a:ponsoftware:explzh:5.21
cpe:/a:ponsoftware:explzh:5.22
cpe:/a:ponsoftware:explzh:5.23
cpe:/a:ponsoftware:explzh:5.23a:beta
cpe:/a:ponsoftware:explzh:5.24
cpe:/a:ponsoftware:explzh:5.25
cpe:/a:ponsoftware:explzh:5.26
cpe:/a:ponsoftware:explzh:5.27
cpe:/a:ponsoftware:explzh:5.28
cpe:/a:ponsoftware:explzh:5.29
cpe:/a:ponsoftware:explzh:5.30
cpe:/a:ponsoftware:explzh:5.31
cpe:/a:ponsoftware:explzh:5.32
cpe:/a:ponsoftware:explzh:5.33
cpe:/a:ponsoftware:explzh:5.34
cpe:/a:ponsoftware:explzh:5.35
cpe:/a:ponsoftware:explzh:5.36
cpe:/a:ponsoftware:explzh:5.37
cpe:/a:ponsoftware:explzh:5.40
cpe:/a:ponsoftware:explzh:5.41
cpe:/a:ponsoftware:explzh:5.42
cpe:/a:ponsoftware:explzh:5.43
cpe:/a:ponsoftware:explzh:5.43a:beta
cpe:/a:ponsoftware:explzh:5.44
cpe:/a:ponsoftware:explzh:5.45
cpe:/a:ponsoftware:explzh:5.46
cpe:/a:ponsoftware:explzh:5.47
cpe:/a:ponsoftware:explzh:5.50
cpe:/a:ponsoftware:explzh:5.51
cpe:/a:ponsoftware:explzh:5.52
cpe:/a:ponsoftware:explzh:5.53
cpe:/a:ponsoftware:explzh:5.54
cpe:/a:ponsoftware:explzh:5.55
cpe:/a:ponsoftware:explzh:5.56
cpe:/a:ponsoftware:explzh:5.57
cpe:/a:ponsoftware:explzh:5.58
cpe:/a:ponsoftware:explzh:5.59
cpe:/a:ponsoftware:explzh:5.60
cpe:/a:ponsoftware:explzh:5.61
cpe:/a:ponsoftware:explzh:5.62 and previous versions
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives




References
BID 41025




CONFIRM http://www.ponsoftware.com/archiver/bug.htm#lzh_bufover




JVN JVN#34729123




JVNDB JVNDB-2010-000026




OSVDB 65666




SECUNIA 40324




Vulnerability Type Buffer Errors (CWE-119)




XF explzh-lhaprocessing-bo(59624)




Copyright © 2010 JPCERT/CC All Rights Reserved.