Lucene search

K
nvd[email protected]NVD:CVE-2010-0831
HistoryJun 18, 2010 - 6:30 p.m.

CVE-2010-0831

2010-06-1818:30:01
CWE-22
web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.01

Percentile

83.4%

Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a … (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.

Affected configurations

NVD
Node
matthias_klosefastjarMatch0.98

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.01

Percentile

83.4%