Lucene search
K

6 matches found

Debian
Debian
added 2018/01/10 4:25 p.m.20 views

[SECURITY] [DLA 1239-1] poco security update

Package : poco Version : 1.3.6p1-4+deb7u1 CVE ID : CVE-2017-1000472...

6.5CVSS6.6AI score0.01681EPSS
Exploits1
NVD
NVD
added 2018/01/03 8:29 p.m.21 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS6.5AI score0.01681EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2018/01/03 8:29 p.m.17 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS6.6AI score0.01681EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/01/03 8:0 p.m.26 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5AI score0.01681EPSS
Exploits1References3
CVE
CVE
added 2018/01/03 8:0 p.m.150 views

CVE-2017-1000472

POCO C++ Libraries prior to 1.8 contain a ZIP path-validation flaw in ZipCommon::isValidPath() that can allow absolute path traversal during ZIP decompression, potentially enabling creation or overwriting of arbitrary files via a crafted ZIP file. Reports across multiple distributions (Debian, Fe...

6.5CVSS6.4AI score0.01681EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2018/01/03 8:0 p.m.18 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5CVSS6.5AI score0.01681EPSS
Exploits1
Rows per page
Query Builder