Computer Security
[EN] securityvulns.ru no-pyccku


elfutils directory traversal
Published:25.01.2015
Source:
SecurityVulns ID:14231
Type:library
Threat Level:
5/10
Description:Directory traversal on ar extraction.
CVE:CVE-2014-9447 (Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program.)
Original documentdocumentUBUNTU, [USN-2482-1] elfutils vulnerability (25.01.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod