
8764 matches found

OpenVAS
added 2014/04/28 12:0 a.m., 29 views

Debian Security Advisory DSA 2915-1 (dpkg - security update)

Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package - leading to the creation of files outside the directory of the source being unpacked. The update to the stable distribution wheezy incorporates...

5 CVSS, 6.3 AI score, 0.02856 EPSS
Exploits 0, References 1
UbuntuCve
added 2014/04/28 12:0 a.m., 24 views

CVE-2014-0471

Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...

5 CVSS, 6 AI score, 0.02856 EPSS
Exploits 0, References 3
Saint
added 2014/04/28 12:0 a.m., 25 views

WinRAR ZIP File Handling Filename Spoofing Vulnerability

Added: 04/28/2014. BID: 66383. OSVDB: 62610. Background: WinRAR is a shareware file archiver and data compression utility which runs on Microsoft Windows. It can create archives in ZIP format, as well as its own proprietary RAR format, and unpack a variety of other archive types. Problem: WinRAR 4.x i...

0.2 AI score
Exploits 0
Saint
added 2014/04/28 12:0 a.m., 42 views

WinRAR ZIP File Handling Filename Spoofing Vulnerability

Added: 04/28/2014. BID: 66383. OSVDB: 62610. Background: WinRAR is a shareware file archiver and data compression utility which runs on Microsoft Windows. It can create archives in ZIP format, as well as its own proprietary RAR format, and unpack a variety of other archive types. Problem: WinRAR 4.x i...

0.2 AI score
Exploits 0
OSV
added 2014/04/28 12:0 a.m., 2 views

UBUNTU-CVE-2014-0471

Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...

5 CVSS, 5.9 AI score, 0.02856 EPSS
Exploits 0, References 4
Saint
added 2014/04/28 12:0 a.m., 49 views

WinRAR ZIP File Handling Filename Spoofing Vulnerability

Added: 04/28/2014. BID: 66383. OSVDB: 62610. Background: WinRAR is a shareware file archiver and data compression utility which runs on Microsoft Windows. It can create archives in ZIP format, as well as its own proprietary RAR format, and unpack a variety of other archive types. Problem: WinRAR 4.x i...

8.2 AI score
Exploits 0
Prion
added 2014/04/24 5:6 a.m., 20 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive filename that is not properly handled during use of the composer to add an e-mail attachment...

4.3 CVSS, 6.1 AI score, 0.00942 EPSS
Exploits 1, References 1, Affected Software 1
Prion
added 2014/04/15 11:13 p.m., 15 views

Directory traversal

Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a filename parameter containing directory traversal sequences...

10 CVSS, 7.5 AI score, 0.05058 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2014/04/15 11:0 p.m., 27 views

CVE-2014-2864

Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a filename parameter containing directory traversal sequences...

7 AI score, 0.05058 EPSS
Exploits 0, References 1
exploitpack
added 2014/04/14 12:0 a.m., 14 views

PDF Album 1.7 iOS - Local File Inclusion

Document Title: PDF Album v1.7 iOS - File Include Web Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1255
Release Date: 2014-04-11
Vulnerability Laboratory ID (VL-ID):...

7.1 AI score
Exploits 0
Exploit DB
added 2014/04/14 12:0 a.m., 17 views

PDF Album 1.7 iOS - Local File Inclusion

Document Title: PDF Album v1.7 iOS - File Include Web Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1255
Release Date: 2014-04-11
Vulnerability Laboratory ID (VL-ID): 1255...

7.4 AI score
Exploits 0
Prion
added 2014/04/11 4:55 p.m., 11 views

Directory traversal

Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename...

5.8 CVSS, 7.2 AI score, 0.01142 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2014/04/11 4:0 p.m., 16 views

CVE-2014-1969

Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename...

6.7 AI score, 0.01142 EPSS
Exploits 0, References 2
Exploit DB
added 2014/04/08 12:0 a.m., 39 views

WinRAR - Filename Spoofing (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/zip' class Metasploit3 'WinRAR Filename Spoofing', 'Description' = %q This module abuses a filename spoofing vulnerability in WinRAR. The...

7 AI score
Exploits 0
securityvulns
added 2014/03/31 12:0 a.m., 46 views

Office Assistant Pro v2.2.2 iOS - File Include Vulnerability

Document Title: Office Assistant Pro v2.2.2 iOS - File Include Vulnerability
References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1197
Release Date: 2014-02-13
Vulnerability Laboratory ID (VL-ID):...

7.5 AI score
Exploits 0
Prion
added 2014/03/25 6:21 p.m., 9 views

Buffer overflow

Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 05.53 allows remote attackers to execute arbitrary code via a long filename in a GET request...

7.5 CVSS, 8.4 AI score, 0.11451 EPSS
Exploits 7, References 7, Affected Software 1
Prion
added 2014/03/18 5:18 a.m., 33 views

Directory traversal

Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename...

5.8 CVSS, 7.2 AI score, 0.01484 EPSS
Exploits 1, References 5, Affected Software 1
securityvulns
added 2014/03/13 12:0 a.m., 38 views

udisk buffer overflow

Buffer overflow on oversized mountpoint filename...

6.9 CVSS, 4.4 AI score, 0.0043 EPSS
Exploits 1, References 1, Affected Software 1
seebug.org
added 2014/03/11 12:0 a.m., 29 views

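ownCloud 'filename' Parameter Remote Code Execution Vulnerability

Bugtraq ID: 66000. CVE ID: CVE-2014-2044. ownCloud is an open-source private cloud server. ownCloud does not properly filter user-submitted 'filename' parameter data, allowing remote attackers to exploit the vulnerability by submitting a malicious POST request to execute arbitrary code. The affected script is: /owncloud/owncloud/?app=files&getfile=ajax%2Fupload.php POST 'filename' parameter 0 ownCloud 4.0.x ownCloud 4.5.x Vendor patch: ownCloud ----- ownCloud 5.0 has fixed this vulnerability; users are advised to download the update:...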

7.5 CVSS, 0.1 AI score, 0.12388 EPSS
Exploits 7
RedHat Linux
added 2014/03/05 7:0 p.m., 3 views

format): Filenames with newline character can lead to revision corruption

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name...

5.5 CVSS, 5.8 AI score, 0.02814 EPSS
Exploits 0, References 4