CVE-2006-4033

Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize.

Date published : 2006-08-09

http://www.securityfocus.com/bid/19263

http://www.securityfocus.com/archive/1/441822/100/0/threaded