Cisco reported on Thursday that it has discovered a vulnerability in the Lhasa library that allows attackers to execute arbitrary code on targeted systems.
Lhasa is an open source tool and library used to parse and decompress LHA (.lzh) archives, and it’s offered as an alternative for the UNIX LHA utility.