Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote malicious users to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome gcab 0.4 |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |