Lucene search
PRIOn knowledge basePRION:CVE-2019-14452HistoryJul 31, 2019 - 2:15 a.m.
Directory traversal
2019-07-3102:15:00
PRIOn knowledge base
www.prio-n.com
3
0.003 Low
EPSS
Percentile
70.7%
Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a …/ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 16.04 | |
| ubuntu_linux | eq | 18.04 | |
| ubuntu_linux | eq | 19.04 | |
| flightcrew | ge | 0.9.2 | |
| sigil | lt | 0.9.16 |
References
github.com/Sigil-Ebook/flightcrew/issues/52
github.com/Sigil-Ebook/flightcrew/issues/52
github.com/Sigil-Ebook/Sigil/commit/04e2f280cc4a0766bedcc7b9eb56449ceecc2ad4
github.com/Sigil-Ebook/Sigil/commit/0979ba8d10c96ebca330715bfd4494ea0e019a8f
github.com/Sigil-Ebook/Sigil/commit/369eebe936e4a8c83cc54662a3412ce8bef189e4
github.com/Sigil-Ebook/Sigil/compare/ea7f27d...5b867e5
github.com/Sigil-Ebook/Sigil/releases/tag/0.9.16
salvatoresecurity.com/zip-slip-in-sigil-cve-2019-14452/
usn.ubuntu.com/4085-1/
Related
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : Sigil vulnerability (USN-4085-1)
2019-08-12 00:00:00
debiancve
debiancve
CVE-2019-14452
2019-07-31 02:15:10
ubuntu
ubuntu
Sigil vulnerability
2019-08-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4085-1)
2019-08-02 00:00:00
Mageia: Security Advisory (MGASA-2019-0249)
2022-01-28 00:00:00
osv
osv
CVE-2019-14452
2019-07-31 02:15:10
cvelist
cvelist
CVE-2019-14452
2019-07-31 01:33:44
cve
cve
CVE-2019-14452
2019-07-31 02:15:10
nvd
nvd
CVE-2019-14452
2019-07-31 02:15:10
ubuntucve
ubuntucve
CVE-2019-14452
2019-07-30 00:00:00
mageia
mageia
Updated sigil packages fix security vulnerability
2019-09-07 00:09:08