Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-7162

Опубликовано: 26 сент. 2016
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:file_roller_project:file_roller:3.5.4:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.6.0:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.6.1:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.6.1.1:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.6.2:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.6.3:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.6.4:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.8.0:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.8.1:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.8.2:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.8.3:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.9.0:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.9.1:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.9.2:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.9.3:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.10:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.15:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.20:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.20.1:*:*:*:*:gnome:*:*
cpe:2.3:a:file_roller_project:file_roller:3.20.2:*:*:*:*:gnome:*:*

EPSS

Процентиль: 78%
0.01151
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2016-7162

CVSS3: 7.5
ubuntu
больше 9 лет назад

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

redhat логотип

CVE-2016-7162

CVSS3: 5.5
redhat
больше 9 лет назад

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

debian логотип

CVE-2016-7162

CVSS3: 7.5
debian
больше 9 лет назад

The _g_file_remove_directory function in file-utils.c in File Roller 3 ...

suse-cvrf логотип

openSUSE-SU-2016:2338-1

suse-cvrf
больше 9 лет назад

Security update for file-roller

github логотип

GHSA-g3mg-grgw-vqfv

CVSS3: 7.5
github
больше 3 лет назад

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

EPSS

Процентиль: 78%
0.01151
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20