Directory traversal vulnerability in extract.c in star prior to 1.5a84 allows user-assisted remote malicious users to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat fedora 7 |