7 matches found
Mageia: Security Advisory (MGASA-2015-0086)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-2060
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash...
CVE-2015-2060
CVE-2015-2060 affects cabextract prior to 1.6. The vulnerability arises because cabextract does not properly check for leading slashes when extracting files, allowing an attacker to perform absolute directory traversal via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. This...
[ MDVSA-2015:064 ] cabextract
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:064 http://www.mandriva.com/en/support/security/ Package : cabextract Date : March 27, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated cabextract packages fix security...
Fedora 21 : cabextract-1.5-1.fc21 (2015-2746)
Security fix for directory traversal with UTF-8 symbols in filenames. Fixed in upstream version 1.5. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for cabextract FEDORA-2015-2746
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2015-0086 Updated cabextract packages fix CVE-2015-2060
A directory traversal issue in cabextract allows writing to locations outside of the current working directory, when extracting a crafted cab file that encodes the filenames in a certain manner CVE-2015-2060...