22 matches found
EUVD-2018-2082
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1002209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is...
K64709522: Multiple Zip Slip vulnerabilities
Security Advisory Description CVE-2018-1002200 plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
SUSE CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
Mageia: Security Advisory (MGASA-2018-0362)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 28 : quazip (2018-0c586e5178)
2018-06-13 0.7.6 - Fixed the Zip Slip vulnerability in JlCompress - Renamed crypt.h to minizipcrypt.h to avoid conflicts - 2018-05-20 0.7.5 - Fixed targetlinklibraries call in CMakeLists - Worked around a Qt 4.6 bug QTBUG-15421 screwing up hidden files handling in JlCompress::compressDir -...
Updated quazip packages fix security vulnerability
Updated quazip packages fix security vulnerability: A vulnerability has been found in the way developers have implemented the archive extraction of files. An arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar,x...
[SECURITY] Fedora 27 Update: quazip-0.7.6-1.fc27
QuaZIP is a simple C++ wrapper over Gilles Vollant's ZIP/UNZIP package that can be used to access ZIP archives. It uses Trolltech's Qt toolkit. QuaZIP allows you to access files inside ZIP archives using QIODevice API, and - yes! - that means that you can also use QTextStream, QDataStream or...
Fedora Update for quazip FEDORA-2018-9829c6ddcf
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for quazip FEDORA-2018-0c586e5178
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 28 Update: quazip-0.7.6-1.fc28
QuaZIP is a simple C++ wrapper over Gilles Vollant's ZIP/UNZIP package that can be used to access ZIP archives. It uses Trolltech's Qt toolkit. QuaZIP allows you to access files inside ZIP archives using QIODevice API, and - yes! - that means that you can also use QTextStream, QDataStream or...
QuaZIP Directory Traversal Vulnerability
QuaZIP is a C++ wrapper for accessing ZIP archives. A directory traversal vulnerability exists in QuaZIP versions prior to 0.7.6. The vulnerability can be exploited to write arbitrary files with the help of a specially crafted zip archive file with a directory traversal name...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
DEBIAN-CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
Directory traversal
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
UBUNTU-CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...