2 matches found
CVE-2013-4668
Summary (CVE-2013-4668): Directory traversal in GNOME File Roller when using libarchive, affecting 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, enables remote creation of arbitrary files via crafted archives that mishandle “Keep directory structure” paths. Root cause noted in f...
CVE-2016-7162
The CVE-2016-7162 vulnerability affects GNOME File Roller, where the _g_file_remove_directory function in file-utils.c can be misused to delete arbitrary files via a symlink attack on a folder inside an archive. Affected versions are File Roller 3.5.4 through 3.20.2. The exploitation context is a...