CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
71.6%
Software: libtar 1.2.11
OS: Cobalt 7.9
CVE-ID: CVE-2013-4420
CVE-Crit: HIGH
CVE-DESC: Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files with a . (dot) in a created tar file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2013-4420
CVE-Crit: HIGH
CVE-DESC: Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files with . (dot) in a created tar file.
CVE-STATUS: default
CVE-REV: default