2 matches found
CVE-2006-1323
CVE-2006-1323 affects WinHKI 1.6 and earlier. The vulnerability is a directory traversal in archive handling where a file name containing ".." inside RAR, TAR, ZIP, or TAR.GZ archives can allow a user-assisted attacker to overwrite arbitrary files on the system. The root cause is improper validat...
CVE-2005-0213
The CVE-2005-0213 entry describes a directory traversal vulnerability in WinHKI 1.4d where an attacker can cause the application to overwrite arbitrary files by embedding a ".." in a ZIP file. The available sources (NVD/NVD-derived records) provide the affected software and the vulnerable behavio...