CVE-2017-2158

Summary

Improper verification when expanding ZIP64 archives in Lhaplus versions 1.73 and earlier may lead to unintended contents to be extracted from a specially crafted ZIP64 archive.

Affected Software

VendorProductVersion RangeStatus
SchezoLhaplusVersion 1.73 and earlieraffected

Weaknesses

  • Insufficient Verification of Data Authenticity

ADP Enrichment

CVE Program Container

Additional References

References