Lucene search
DebianCVE-2015-0552HistoryJan 15, 2015 - 3:59 p.m.
CVE-2015-0552
2015-01-1515:59:26
CWE-22
debian
web.nvd.nist.gov
26
cve-2015-0552
directory traversal
vulnerability
remote attackers
arbitrary files
libgcab
gcab 0.4
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.008
Percentile
81.1%
Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by “\tmp\moo.”
Affected configurations
Node
gnomegcabMatch0.4
Node
opensuseopensuseMatch13.1
ORopensuseopensuseMatch13.2
Related
openvas
openvas
Fedora Update for gcab FEDORA-2015-0264
2015-06-09 00:00:00
Mageia: Security Advisory (MGASA-2015-0018)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: gcab-0.4-7.fc21
2015-05-30 15:57:30
cvelist
cvelist
CVE-2015-0552
2015-01-15 15:00:00
ubuntucve
ubuntucve
CVE-2015-0552
2015-01-15 00:00:00
debiancve
debiancve
CVE-2015-0552
2015-01-15 15:59:26
prion
prion
Directory traversal
2015-01-15 15:59:00
nessus
nessus
Fedora 21 : gcab-0.4-7.fc21 (2015-0264)
2015-06-02 00:00:00
openSUSE Security Update : gcab (openSUSE-SU-2015:0043-1)
2015-01-15 00:00:00
nvd
nvd
CVE-2015-0552
2015-01-15 15:59:26
mageia
mageia
Updated gcab packages fix CVE-2015-0552
2015-01-09 19:44:12
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.008
Percentile
81.1%
Related for CVE-2015-0552