CVE-2002-0399

2002-10-10T04:00:00
ID CVE-2002-0399
Type cve
Reporter cve@mitre.org
Modified 2018-10-19T15:29:00

Description

Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.