Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0916

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0916
Last Modified 05 Sep 2008 04:39:46
Published 27 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0916

Summary

Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename.

Vulnerable Systems

Application

  • Cabextract 0.2

  • Cabextract 0.6

  • Cabextract 1.0


References

DEBIAN - DSA-574

SECUNIA - 12882

XF - cabextract-directory-traversal(17766)

BID - 11460

CONFIRM - http://www.kyz.uklinux.net/cabextract.php#changes


Last Updated: 27 May 2016 10:38:48