Описание
Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2:5.3.b2-1 |
| cosmic | not-affected | 2:5.3.b2-1 |
| devel | not-affected | 2:5.3.b2-1 |
| disco | not-affected | 2:5.3.b2-1 |
| esm-apps/bionic | not-affected | 2:5.3.b2-1 |
| esm-apps/xenial | released | 2:5.3.b2-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.
Directory Traversal exists in RAR 4.x and 5.x because an unpack operat ...
Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3