CVE-2013-5648

2022-10-0316:14:56

Debian Security Bug Tracker

security-tracker.debian.org

cve-2013-5648

handlestartdatafile function

libdigidoc 3.6.0.0

id-software

ddoc file

overwrite arbitrary files

remote attackers

unix

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.8%

JSON

Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file.

OSVersionArchitecturePackageVersionFilename
Debian12alllibdigidoc< 3.10.5-4libdigidoc_3.10.5-4_all.deb
Debian11alllibdigidoc< 3.10.5-2libdigidoc_3.10.5-2_all.deb
Debian999alllibdigidoc< 3.10.5-5libdigidoc_3.10.5-5_all.deb
Debian13alllibdigidoc< 3.10.5-5libdigidoc_3.10.5-5_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	libdigidoc	< 3.10.5-4	libdigidoc_3.10.5-4_all.deb
Debian	11	all	libdigidoc	< 3.10.5-2	libdigidoc_3.10.5-2_all.deb
Debian	999	all	libdigidoc	< 3.10.5-5	libdigidoc_3.10.5-5_all.deb
Debian	13	all	libdigidoc	< 3.10.5-5	libdigidoc_3.10.5-5_all.deb