3 matches found
CVE-2018-1002206
SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002206
SharpCompress before 0.21.0 is vulnerable to a directory traversal vulnerability (Zip-Slip) that allows writing to arbitrary files via a ../ path in a Zip archive entry during extraction. Affected component is the SharpCompress library; impact is arbitrary file overwrite. Public-facing exploit de...
ZIP Slip Arbitrary File Overwrite Remote Code Execution (CVE-2018-1002200; CVE-2018-1002201; CVE-2018-1002203; CVE-2018-1002204; CVE-2018-1002205; CVE-2018-1002206; CVE-2018-1002207; CVE-2018-1261; CVE-2018-8008; CVE-2018-8009; CVE-2021-43555)
A file overwrite vulnerability exist in archive formats. To trigger this issue, an attacker may create a malicious archive that will exploit this vulnerability. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the vulnerable system and...