Vulnerabilities > CVE-2007-4428 - Unspecified vulnerability in Lhaz 1.33
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip file, a different issue than CVE-2006-4116.
References
- http://osvdb.org/39629
- http://osvdb.org/39629
- http://secunia.com/advisories/26532
- http://secunia.com/advisories/26532
- http://vil.mcafeesecurity.com/vil/content/v_142976.htm
- http://vil.mcafeesecurity.com/vil/content/v_142976.htm
- http://www.avertlabs.com/research/blog/index.php/2007/08/17/targeted-zero-day-attack-against-free-tools-lhaz/
- http://www.avertlabs.com/research/blog/index.php/2007/08/17/targeted-zero-day-attack-against-free-tools-lhaz/
- http://www.securityfocus.com/bid/25351
- http://www.securityfocus.com/bid/25351
- http://www.vupen.com/english/advisories/2007/2930
- http://www.vupen.com/english/advisories/2007/2930
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36120
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36120