CVE-2004-1027

Published: 01/03/2005 Updated: 30/10/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote malicious users to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

Vulnerable Product	Search on Vulmon	Subscribe to Product
arjsoftware unarj 2.62
arjsoftware unarj 2.63
arjsoftware unarj 2.64
arjsoftware unarj 2.65
gentoo linux
debian debian linux 3.0

Synopsis unarj security update Type/Severity Security Advisory: Low Topic An updated unarj package that fixes a buffer overflow vulnerability and adirectory traversal vulnerability is now available Description The unarj program is an archiving utility which can extract ARJ-compatiblearchiv ...

NVD-CWE-Other http://www.securityfocus.com/bid/11436 http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027348.html http://www.debian.org/security/2005/dsa-628 http://www.debian.org/security/2005/dsa-652 http://lwn.net/Articles/121827/http://security.gentoo.org/glsa/glsa-200411-29.xml http://www.redhat.com/support/errata/RHSA-2005-007.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17684 https://access.redhat.com/errata/RHSA-2005:007 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1027

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect