Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote malicious users to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arjsoftware unarj 2.62 |
||
arjsoftware unarj 2.63 |
||
arjsoftware unarj 2.64 |
||
arjsoftware unarj 2.65 |
||
gentoo linux |
||
debian debian linux 3.0 |