Lucene search

[email protected]CVE-2001-1268

HistoryJul 12, 2001 - 4:00 a.m.

CVE-2001-1268

2001-07-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

info-zip unzip 5.42

directory traversal vulnerability

nvd

cve-2001-1268

6.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

29.0%

JSON

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a … (dot dot) in an extracted filename.

CPENameOperatorVersion
info-zip:unzipinfo-zip unziple5.42

CPE	Name	Operator	Version
info-zip:unzip	info-zip unzip	le	5.42

References

online.securityfocus.com/archive/1/196445

sunsolve.sun.com/search/document.do?assetkey=1-26-47800-1

sunsolve.sun.com/search/document.do?assetkey=1-77-1000928.1-1

www.info-zip.org/pub/infozip/UnZip.html

6.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

29.0%

JSON

Related for CVE-2001-1268

nessus2 rubygems2