Описание
Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1) zip or (2) tar archive.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:smithmicro:stuffit_deluxe:9.0:*:*:*:*:*:*:*
cpe:2.3:a:smithmicro:stuffit_expander:9.0.0.21_engine_9.0.0.21:*:*:*:*:*:*:*
cpe:2.3:a:smithmicro:stuffit_standard:9.0:*:*:*:*:*:*:*
cpe:2.3:a:smithmicro:zipmagic_deluxe:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01104
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1) zip or (2) tar archive.
EPSS
Процентиль: 78%
0.01104
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other