Lucene search
HistoryApr 18, 2007 - 3:19 a.m.
CVE-2007-2058
acubix picozip
directory traversal
remote attack
overwrite
arbitrary files
security vulnerability
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.5%
Directory traversal vulnerability in Acubix PicoZip 4.02 allows user-assisted remote attackers to overwrite arbitrary files via a … (dot dot) sequence in the file path in an (1) GZ, (2) TAR, (3) RAR, (4) JAR, or (5) ZIP archive.
Affected configurations
Node
picozippicozipMatch4.02
| CPE | Name | Operator | Version |
|---|---|---|---|
| picozip:picozip | picozip | eq | 4.02 |
Related
prion
prion
Directory traversal
2007-04-18 03:19:00
cvelist
cvelist
CVE-2007-2058
2007-04-18 02:20:00
nvd
nvd
CVE-2007-2058
2007-04-18 03:19:00
securityvulns
securityvulns
Directory traversal and absolute path in multiple archivers
2007-08-27 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.5%
Related for CVE-2007-2058