Lucene search
K

140 matches found

Tenable Nessus
Tenable Nessus
added 2018/01/31 12:0 a.m.27 views

Fedora 26 : poco (2018-7349a7723e)

Security fix for CVE-2017-1000472 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

6.5CVSS6.8AI score0.01681EPSS
Exploits1References2
Fedora
Fedora
added 2018/01/30 5:33 p.m.21 views

[SECURITY] Fedora 26 Update: poco-1.7.8p3-3.fc26

The POCO C++ Libraries POCO stands for POrtable COmponents are open source C++ class libraries that simplify and accelerate the development of network-centric, portable applications in C++. The POCO C++ Libraries are built strictly on standard ANSI/ISO C++, including the standard library...

6.5CVSS2.1AI score0.01681EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/01/27 12:0 a.m.17 views

Fedora Update for poco FEDORA-2018-ef9e28d9e4

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01681EPSS
Exploits1References2
Fedora
Fedora
added 2018/01/26 6:10 p.m.17 views

[SECURITY] Fedora 27 Update: poco-1.7.8p3-3.fc27

The POCO C++ Libraries POCO stands for POrtable COmponents are open source C++ class libraries that simplify and accelerate the development of network-centric, portable applications in C++. The POCO C++ Libraries are built strictly on standard ANSI/ISO C++, including the standard library...

6.5CVSS2.1AI score0.01681EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/01/12 12:0 a.m.32 views

Debian DSA-4083-1 : poco - security update

Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files. C Tenable Network Security, Inc. The descriptive text and package checks in...

6.5CVSS6.8AI score0.01681EPSS
Exploits1References5
Debian
Debian
added 2018/01/11 8:51 a.m.19 views

[SECURITY] [DSA 4083-1] poco security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4083-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 11, 2018 https://www.debian.org/security/faq -...

5.8CVSS1.6AI score0.01681EPSS
Exploits1
Debian
Debian
added 2018/01/11 8:51 a.m.27 views

[SECURITY] [DSA 4083-1] poco security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4083-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 11, 2018 https://www.debian.org/security/faq -...

6.5CVSS6.3AI score0.01681EPSS
Exploits1
OSV
OSV
added 2018/01/11 12:0 a.m.13 views

DSA-4083-1 poco - security update

Bulletin has no description...

6.5CVSS6.3AI score0.01681EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/01/11 12:0 a.m.20 views

Debian: Security Advisory (DLA-1239-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01681EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/01/11 12:0 a.m.21 views

Debian DLA-1239-1 : poco security update

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS7.2AI score0.01681EPSS
Exploits1References3
Debian
Debian
added 2018/01/10 4:25 p.m.19 views

[SECURITY] [DLA 1239-1] poco security update

Package : poco Version : 1.3.6p1-4+deb7u1 CVE ID : CVE-2017-1000472...

6.5CVSS6.6AI score0.01681EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/01/10 12:0 a.m.37 views

Debian: Security Advisory (DSA-4083-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01681EPSS
Exploits1References4
OSV
OSV
added 2018/01/10 12:0 a.m.17 views

DLA-1239-1 poco - security update

Bulletin has no description...

6.5CVSS6.3AI score0.01681EPSS
Exploits1
CNVD
CNVD
added 2018/01/04 12:0 a.m.6 views

POCO 'ZipCommon::isValidPath()' function absolute path traversal vulnerability

POCO C++ Libraries is a set of C++ class libraries developed by Austrian software developer Gunter Obiltschnig, which are used to develop portable web-based applications with threading, file and streaming capabilities. A security vulnerability in the 'ZipCommon::isValidPath' function in the...

6.5CVSS8.7AI score0.01681EPSS
Exploits1References1
NVD
NVD
added 2018/01/03 8:29 p.m.19 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS6.5AI score0.01681EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2018/01/03 8:29 p.m.17 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS6.6AI score0.01681EPSS
Exploits1References2
OSV
OSV
added 2018/01/03 8:29 p.m.2 views

DEBIAN-CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS7AI score0.01681EPSS
Exploits1References1
OSV
OSV
added 2018/01/03 8:29 p.m.18 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS6.9AI score
Exploits0References3
OSV
OSV
added 2018/01/03 8:29 p.m.1 views

UBUNTU-CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS6.7AI score0.01681EPSS
Exploits1References3
CVE
CVE
added 2018/01/03 8:0 p.m.150 views

CVE-2017-1000472

POCO C++ Libraries prior to 1.8 contain a ZIP path-validation flaw in ZipCommon::isValidPath() that can allow absolute path traversal during ZIP decompression, potentially enabling creation or overwriting of arbitrary files via a crafted ZIP file. Reports across multiple distributions (Debian, Fe...

6.5CVSS6.4AI score0.01681EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder