Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-7162
HistorySep 26, 2016 - 3:59 p.m.

CVE-2016-7162

2016-09-2615:59:04
CWE-20
[email protected]
web.nvd.nist.gov
21
4
file roller
cve-2016-7162
security vulnerability
symlink attack
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.5%

JSON

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

Affected configurations

NVD
Node
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch16.04lts
Node
file_roller_projectfile_rollerMatch3.5.4gnome
OR
file_roller_projectfile_rollerMatch3.6.0gnome
OR
file_roller_projectfile_rollerMatch3.6.1gnome
OR
file_roller_projectfile_rollerMatch3.6.1.1gnome
OR
file_roller_projectfile_rollerMatch3.6.2gnome
OR
file_roller_projectfile_rollerMatch3.6.3gnome
OR
file_roller_projectfile_rollerMatch3.6.4gnome
OR
file_roller_projectfile_rollerMatch3.8.0gnome
OR
file_roller_projectfile_rollerMatch3.8.1gnome
OR
file_roller_projectfile_rollerMatch3.8.2gnome
OR
file_roller_projectfile_rollerMatch3.8.3gnome
OR
file_roller_projectfile_rollerMatch3.9.0gnome
OR
file_roller_projectfile_rollerMatch3.9.1gnome
OR
file_roller_projectfile_rollerMatch3.9.2gnome
OR
file_roller_projectfile_rollerMatch3.9.3gnome
OR
file_roller_projectfile_rollerMatch3.10gnome
OR
file_roller_projectfile_rollerMatch3.15gnome
OR
file_roller_projectfile_rollerMatch3.20gnome
OR
file_roller_projectfile_rollerMatch3.20.1gnome
OR
file_roller_projectfile_rollerMatch3.20.2gnome

Social References

More

Related

freebsd 1
prion 1
nessus 6
archlinux 1
openvas 3
ubuntu 1
debiancve 1
ubuntucve 1
mageia 1
cvelist 1
redhatcve 1
nvd 1
freebsd
freebsd
file-roller -- path traversal vulnerability
2016-09-08 00:00:00
prion
prion
Design/Logic Flaw
2016-09-26 15:59:00
nessus
nessus
EulerOS 2.0 SP3 : file-roller (EulerOS-SA-2020-2135)
2020-09-28 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : File Roller vulnerability (USN-3074-1)
2016-09-09 00:00:00
FreeBSD : file-roller -- path traversal vulnerability (ad479f89-9020-11e6-a590-14dae9d210b8)
2016-10-12 00:00:00
archlinux
archlinux
file-roller: multiple issues
2016-09-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3074-1)
2016-09-09 00:00:00
Huawei EulerOS: Security Advisory for file-roller (EulerOS-SA-2020-2135)
2020-09-29 00:00:00
Mageia: Security Advisory (MGASA-2016-0313)
2022-01-28 00:00:00
ubuntu
ubuntu
File Roller vulnerability
2016-09-08 00:00:00
debiancve
debiancve
CVE-2016-7162
2016-09-26 15:59:04
ubuntucve
ubuntucve
CVE-2016-7162
2016-09-08 00:00:00
mageia
mageia
Updated file-roller packages fix security vulnerability
2016-09-21 23:38:22
cvelist
cvelist
CVE-2016-7162
2016-09-26 15:00:00
redhatcve
redhatcve
CVE-2016-7162
2016-09-08 11:48:33
nvd
nvd
CVE-2016-7162
2016-09-26 15:59:04

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.2 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.5%

JSON
Related for CVE-2016-7162
freebsd1prion1nessus6archlinux1openvas3ubuntu1debiancve1ubuntucve1mageia1cvelist1redhatcve1nvd1