18 matches found
SUSE CVE-2005-3990
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3619. Reason: This candidate is a duplicate of CVE-2006-3619. Notes: All CVE users should reference CVE-2006-3619 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
SUSE CVE-2006-3619
Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences...
Scientific Linux Security Update : gcc on SL4 i386/x86_64
Jrgen Weigert discovered a directory traversal flaw in fastjar. An attacker could create a malicious JAR file which, if unpacked using fastjar, could write to any files the victim had write access to. CVE-2006-3619 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C...
Mandriva Update for fastjar MDVSA-2010:122 (fastjar)
Check for the Version of fastjar OpenVAS Vulnerability Test Mandriva Update for fastjar MDVSA-2010:122 fastjar Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for fastjar MDVSA-2010:122 (fastjar)
Check for the Version of fastjar OpenVAS Vulnerability Test Mandriva Update for fastjar MDVSA-2010:122 fastjar Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CVE-2010-2322
Absolute path traversal vulnerability in the extractjar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an...
Directory traversal
Directory traversal vulnerability in the extractjar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. dot dot in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this...
CVE-2010-2322
Absolute path traversal vulnerability in the extractjar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an...
Path traversal
Absolute path traversal vulnerability in the extractjar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an...
CVE-2010-2322
Absolute path traversal vulnerability in the extractjar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an...
Debian Security Advisory DSA 1170-1 (gcc-3.4)
The remote host is missing an update to gcc-3.4 announced via advisory DSA 1170-1. Jürgen Weigert discovered that upon unpacking JAR archives fastjar from the GNU Compiler Collection does not check the path for included files and allows to create or overwrite files in upper directories. OpenVAS...
Moderate: gcc security and bug fix update
3.2.3-59 - fix directory traversal bug in fastjar Richard Guenther, 225552, CVE-2006-3619 - fix a reload bug with -fnon-call-exceptions Alexandre Oliva, 226706...
CentOS 3 : gcc (CESA-2007:0473)
Updated gcc packages that fix a security issue and another bug are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gcc packages include C, C++, Java, Fortran 77, Objective C, and Ada 95 GNU compilers and related support...
cpp, gcc, libf2c, libgcc, libgcj, libgnat, libobjc, libstdc++ security update
CentOS Errata and Security Advisory CESA-2007:0473 Updated gcc packages that fix a security issue and another bug are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gcc packages include C, C++, Java, Fortran 77, Objective C,...
cpp, gcc, libf2c, libgcc, libgcj, libgnat, libobjc, libstdc++ security update
CentOS Errata and Security Advisory CESA-2007:0220 Updated gcc packages that fix a security issue and various bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gcc packages include C, C++, Java, Fortran 77, Objective C...
RHEL 4 : gcc (RHSA-2007:0220)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2007:0220 advisory. The gcc packages include C, C++, Java, Fortran 77, Objective C, and Ada 95 GNU compilers and related support libraries. Jrgen Weigert discovered a...
CVE-2006-3619
CVE-2006-3619 describes a directory-traversal flaw in FastJar’s extract_jar function (jartool.c). The vulnerability exists in FastJar 0.93 and earlier (as used in GCC 4.1.1 and earlier, and 3.4.6 and earlier) and allows a user-controlled .jar to overwrite arbitrary files via filenames containing ...
CVE-2005-3990
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3619. Reason: This candidate is a duplicate of CVE-2006-3619. Notes: All CVE users should reference CVE-2006-3619 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...