4 matches found
Directory traversal
Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0.2 allow user-assisted attackers to create files in arbitrary directories via a .. dot dot in an archive pack with a crafted 1 .gz, 2 .jar, 3 .rar, or 4 .zip file...
CVE-2006-1715
Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0.2 allow user-assisted attackers to create files in arbitrary directories via a .. dot dot in an archive pack with a crafted 1 .gz, 2 .jar, 3 .rar, or 4 .zip file...
CVE-2006-1715
The CVE-2006-1715 entry concerns Christian Kindahl TugZip (versions 3.4.0.0, 3.3.0.0, 3.1.0.2). The vulnerability arises in archive extraction where a dot-dot (..) path in a crafted archive pack (formats: .gz, .jar, .rar, or .zip) can lead to directory traversal, enabling a user‑assisted attacker...
CVE-2006-1715
Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0.2 allow user-assisted attackers to create files in arbitrary directories via a .. dot dot in an archive pack with a crafted 1 .gz, 2 .jar, 3 .rar, or 4 .zip file...