Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and previous versions allow remote malicious users to overwrite arbitrary files via a .. (dot dot) in a crafted tar file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
feep libtar 1.2.16 |
||
feep libtar 1.2.17 |
||
feep libtar 1.2.18 |
||
feep libtar 1.2.19 |
||
feep libtar 1.2.11 |
||
feep libtar 1.2.14 |
||
feep libtar 1.2.13 |
||
feep libtar 1.2.15 |
||
feep libtar |