Directory traversal vulnerability in gunzip -N in gzip 1.2.4 up to and including 1.3.5 allows remote malicious users to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gzip 1.2.4 |
||
gnu gzip 1.3.3 |