Talos is disclosing the discovery of vulnerability TALOS-2016-0095 / CVE-2016-2347 in the Lhasa LZH/LHA decompression tool and library. This vulnerability is due to an integer underflow condition. The software verifies that header values are not too large, but does not check for a too small header length. Decompressing a LHA or LZH file containing an […]
from Security – Cisco Blog http://ift.tt/1q5WLsx
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.