Описание
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| php5 | removed | package | ||
| php4 | removed | package |
Примечания
is this really a vulnerability in pear? it seems it should be a bug
in any application not checking for such archives.
Lack of a security feature is not a vulnerability
EPSS
Связанные уязвимости
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
PEAR::Archive_Tar Directory Traversal vulnerability
EPSS