23 matches found
EUVD-2018-2082
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1002209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is...
K64709522: Multiple Zip Slip vulnerabilities
Security Advisory Description CVE-2018-1002200 plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
SUSE CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
Mageia: Security Advisory (MGASA-2018-0362)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 28 : quazip (2018-0c586e5178)
2018-06-13 0.7.6 - Fixed the Zip Slip vulnerability in JlCompress - Renamed crypt.h to minizipcrypt.h to avoid conflicts - 2018-05-20 0.7.5 - Fixed targetlinklibraries call in CMakeLists - Worked around a Qt 4.6 bug QTBUG-15421 screwing up hidden files handling in JlCompress::compressDir -...
Updated quazip packages fix security vulnerability
Updated quazip packages fix security vulnerability: A vulnerability has been found in the way developers have implemented the archive extraction of files. An arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar,x...
[SECURITY] Fedora 27 Update: quazip-0.7.6-1.fc27
QuaZIP is a simple C++ wrapper over Gilles Vollant's ZIP/UNZIP package that can be used to access ZIP archives. It uses Trolltech's Qt toolkit. QuaZIP allows you to access files inside ZIP archives using QIODevice API, and - yes! - that means that you can also use QTextStream, QDataStream or...
Fedora Update for quazip FEDORA-2018-9829c6ddcf
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for quazip FEDORA-2018-0c586e5178
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 28 Update: quazip-0.7.6-1.fc28
QuaZIP is a simple C++ wrapper over Gilles Vollant's ZIP/UNZIP package that can be used to access ZIP archives. It uses Trolltech's Qt toolkit. QuaZIP allows you to access files inside ZIP archives using QIODevice API, and - yes! - that means that you can also use QTextStream, QDataStream or...
The vulnerability of the extractDir function in the JICompress component of the QuaZIP library allows a hacker to execute arbitrary code.
The vulnerability of the extractDir function in the JICompress component JlCompress.cpp from the QuaZIP library is related to deficiencies in checking the path name of the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a...
QuaZIP Directory Traversal Vulnerability
QuaZIP is a C++ wrapper for accessing ZIP archives. A directory traversal vulnerability exists in QuaZIP versions prior to 0.7.6. The vulnerability can be exploited to write arbitrary files with the help of a specially crafted zip archive file with a directory traversal name...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
DEBIAN-CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
Directory traversal
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
UBUNTU-CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...