CVE-2004-0235 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-0235 Interim 1 4 2023-12-09T02:25:27Z current 2021-05-30T12:29:57Z 2023-12-09T02:25:27Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-0235 Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZGHTCYKJQZHPN6I3QQCHBCQOAOGXCVM6/#ZGHTCYKJQZHPN6I3QQCHBCQOAOGXCVM6 E-Mail link for SuSE-SA:2004:010 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EPOJF7OOZYQMQO3K6FJV5UTIWNWIHPSI/#EPOJF7OOZYQMQO3K6FJV5UTIWNWIHPSI E-Mail link for SuSE-SA:2004:011 https://www.suse.com/support/security/rating/ SUSE Security Ratings Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). CVE-2004-0235 moderate 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N