5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
76.6%
Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x
before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows
remote attackers to create arbitrary files via a crafted archive that is
not properly handled in a “Keep directory structure” action, related to
fr-archive-libarchive.c and fr-window.c.
Author | Note |
---|---|
jdstrand | libarchive support added in 3.5.4 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.10 | noarch | file-roller | < 3.6.1.1-0ubuntu1.2 | UNKNOWN |
ubuntu | 13.04 | noarch | file-roller | < 3.6.3-1ubuntu4.1 | UNKNOWN |