Computer Security
[EN] securityvulns.ru no-pyccku


Gnome File Roller directory traversal
Published:15.07.2013
Source:
SecurityVulns ID:13180
Type:local
Threat Level:
5/10
Description:Directory traversal on archive processing.
Affected:GNOME : File Roller 3.9
CVE:CVE-2013-4668 (Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory structure" action, related to fr-archive-libarchive.c and fr-window.c.)
Original documentdocumentDaniele Bianco, [oCERT-2013-001] File Roller path sanitization errors (15.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod