Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-9983

Опубликовано: 04 июн. 2017
Источник: nvd
CVSS3: 5.5
CVSS2: 4.3
EPSS Низкий

Описание

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:rarlab:rar:4.00:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:4.01:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:4.10:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:4.11:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:4.20:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.00:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.01:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.10:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.11:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.20:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.21:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.30:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.31:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.40:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.50:*:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.50:beta1:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.50:beta2:*:*:*:*:*:*
cpe:2.3:a:rarlab:rar:5.50:beta3:*:*:*:*:*:*

EPSS

Процентиль: 49%
0.00261
Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

ubuntu логотип

CVE-2014-9983

CVSS3: 5.5
ubuntu
больше 8 лет назад

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.

debian логотип

CVE-2014-9983

CVSS3: 5.5
debian
больше 8 лет назад

Directory Traversal exists in RAR 4.x and 5.x because an unpack operat ...

github логотип

GHSA-4mq8-gv5p-mwm4

CVSS3: 5.5
github
больше 3 лет назад

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.

EPSS

Процентиль: 49%
0.00261
Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-22