Lucene search

MitreCVE-2006-3326

HistoryJun 30, 2006 - 11:05 p.m.

CVE-2006-3326

2006-06-3023:05:00

mitre

web.nvd.nist.gov

cve-2006-3326

directory traversal

quickzip

vulnerability

remote attack

tar

jar

overwrite

provenance

nvd

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.011

Percentile

84.6%

JSON

Directory traversal vulnerability in QuickZip 3.06.3 allows remote user-assisted attackers to overwrite arbitrary files or directories via … (dot dot) sequences in filenames within (1) TAR,(2) GZ, and (3) JAR archives. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

joesph_leungquickzipMatch3.06.3

VendorProductVersionCPE
joesph_leungquickzip3.06.3cpe:2.3:a:joesph_leung:quickzip:3.06.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
joesph_leung	quickzip	3.06.3	cpe:2.3:a:joesph_leung:quickzip:3.06.3:::::::*

References

secunia.com/advisories/20864

www.osvdb.org/26908

www.securityfocus.com/bid/18722

www.vupen.com/english/advisories/2006/2599

exchange.xforce.ibmcloud.com/vulnerabilities/27474

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.011

Percentile

84.6%

JSON

Related for CVE-2006-3326