Lucene search
+L

1398 matches found

redhat
redhat
added 2003/07/01 3:24 p.m.33 views

Moderate: Red Hat Security Advisory: unzip security update

Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available. Updated 15 August 2003 Ben Laurie found that the original patch to fix this issue missed a case where the path component included a quoted slash. These updated packages contain a new pat...

2.6CVSS5.8AI score0.22526EPSS
Exploits1References3
redhat
redhat
added 2003/07/01 9:16 a.m.7 views

Moderate: Red Hat Security Advisory: : Updated unzip packages fix trojan vulnerability

Updated unzip packages resolving a vulnerability allowing arbitrary files to be overwritten are now available. Updated 15 August 2003 Ben Laurie found that the original patch to fix this issue missed a case where the path component included a quoted slash. These updated packages contain a new pat...

2.6CVSS5.8AI score0.22526EPSS
Exploits1References1
nvd
nvd
added 2003/06/16 4:0 a.m.18 views

CVE-2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...

2.6CVSS6.4AI score0.22526EPSS
Exploits1References15
osv
osv
added 2003/06/16 4:0 a.m.2 views

DEBIAN-CVE-2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...

2.6CVSS6.7AI score0.22526EPSS
Exploits1References1
osv
osv
added 2003/06/16 4:0 a.m.9 views

CVE-2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...

6.4AI score
Exploits0References18
cve
cve
added 2003/05/14 4:0 a.m.69 views

CVE-2003-0282

CVE-2003-0282 affects UnZip 5.50 and earlier and is a directory traversal vulnerability where invalid characters placed between two '.' characters are filtered to produce a '..' sequence, allowing overwriting of arbitrary files during archive extraction. Public references in multiple advisories (...

2.6CVSS6.3AI score0.22526EPSS
Exploits1References15Affected Software1
cvelist
cvelist
added 2003/05/14 4:0 a.m.25 views

CVE-2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...

6.3AI score0.22526EPSS
Exploits1References15
debiancve
debiancve
added 2003/05/14 4:0 a.m.50 views

CVE-2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . dot characters, which are filtered and result in a ".." sequence...

2.6CVSS5.5AI score0.22526EPSS
Exploits1
securityvulns
securityvulns
added 2003/05/11 12:0 a.m.32 views

unzip directory traversal revisited

unzip directory traversal revisited problem: well I kinda stumbled over this when i was looking for something else A while back some fuss was made over the use of .. sequences in archives because it allows you to craft an archive which will trojan your system on extraction the creators of unzip...

1.4AI score
Exploits0
redhat
redhat
added 2002/10/02 6:44 p.m.8 views

Low: Red Hat Security Advisory: unzip security update

The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. updated Jan 22 2003 Added description of CAN-2002-1216 which was also fixed by these erratum packages. The unzip and tar utilities are used for dealing with archives,...

5CVSS7AI score0.03589EPSS
Exploits3References2
redhat
redhat
added 2002/09/29 8:40 a.m.10 views

Low: Red Hat Security Advisory: : : : Updated unzip and tar packages fix vulnerabilities

The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. updated Jan 22 2003 Added description of CAN-2002-1216 which was also fixed by these erratum packages The unzip and tar utilities are used for manipulating archives,...

5CVSS6.9AI score0.03589EPSS
Exploits3References1
cvelist
cvelist
added 2002/05/03 4:0 a.m.32 views

CVE-2001-1268

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...

9.3AI score0.0067EPSS
Exploits1References4
cvelist
cvelist
added 2002/05/03 4:0 a.m.28 views

CVE-2001-1269

Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' slash character...

6.6AI score0.00503EPSS
Exploits1References4
cve
cve
added 2002/05/03 4:0 a.m.71 views

CVE-2001-1268

CVE-2001-1268 is a directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier that allows overwriting arbitrary files during archive extraction via a .. in the extracted filename. Connected sources confirm the affected product is UnZip up to version 5.42 and earlier, with the basic issu...

2.1CVSS6.5AI score0.0067EPSS
Exploits1References4Affected Software1
cve
cve
added 2002/05/03 4:0 a.m.57 views

CVE-2001-1269

CVE-2001-1269 affects Info-ZIP UnZip 5.42 and earlier. The vulnerability allows an attacker to overwrite arbitrary files during archive extraction by using filenames that begin with the slash character (/) in the ZIP archive. The issue is rooted in how the extractor handles archive filenames, ena...

2.1CVSS6.7AI score0.00503EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2001/07/12 4:0 a.m.24 views

CVE-2001-1268

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename...

2.1CVSS9.3AI score0.0067EPSS
Exploits1References4
nvd
nvd
added 2001/07/12 4:0 a.m.25 views

CVE-2001-1269

Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' slash character...

2.1CVSS6.7AI score0.00503EPSS
Exploits1References4
security_vulns
security_vulns
added 2001/02/07 12:0 a.m.104 views

Multiple archivers directory traversal and path globbing

Topic: Directory traversal and path globbing in multiple archivers Author: 3APA3A Affected Software: GNU tar = 1.13.19, Info-Zip UnZip = 5.42, RARSoft rar = 2.02, PKWare pkzipc = 4.00 Not affected: rar 2.80, WinZIP 8.0 Risk: low/average Released: July, 2, 2001 SECURITY.NNOV advisories:...

6.9AI score
Exploits0
Rows per page
Query Builder