Описание
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cabextract_project:cabextract:0.2:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:0.6:*:*:*:*:*:*:*
cpe:2.3:a:cabextract_project:cabextract:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01938
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 20 лет назад
Directory traversal vulnerability in cabextract before 1.1 allows remo ...
github
больше 3 лет назад
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename.
EPSS
Процентиль: 83%
0.01938
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other