6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
82.3%
The Archive::Tar module provides a mechanism for Perl scripts to manipulate
tar archive files.
Multiple directory traversal flaws were discovered in the Archive::Tar
module. A specially-crafted tar file could cause a Perl script, using the
Archive::Tar module to extract the archive, to overwrite an arbitrary file
writable by the user running the script. (CVE-2007-4829)
This package upgrades the Archive::Tar module to version 1.39_01. Refer to
the Archive::Tar moduleโs changes file, linked to in the References, for a
full list of changes.
Users of perl-Archive-Tar are advised to upgrade to this updated package,
which corrects these issues. All applications using the Archive::Tar module
must be restarted for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | src | perl-archive-tar | <ย 1.39.1-1.el5_5.1 | perl-Archive-Tar-1.39.1-1.el5_5.1.src.rpm |
RedHat | 4 | src | perl-archive-tar | <ย 1.39.1-1.el4_8.1 | perl-Archive-Tar-1.39.1-1.el4_8.1.src.rpm |
RedHat | 4 | noarch | perl-archive-tar | <ย 1.39.1-1.el4_8.1 | perl-Archive-Tar-1.39.1-1.el4_8.1.noarch.rpm |
RedHat | 5 | noarch | perl-archive-tar | <ย 1.39.1-1.el5_5.1 | perl-Archive-Tar-1.39.1-1.el5_5.1.noarch.rpm |