Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3326

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-3326
Last Modified 07 Mar 2011 09:38:22
Published 30 Jun 2006 07:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3326

Summary

Directory traversal vulnerability in QuickZip 3.06.3 allows remote user-assisted attackers to overwrite arbitrary files or directories via .. (dot dot) sequences in filenames within (1) TAR,(2) GZ, and (3) JAR archives. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Joesph Leung Quickzip 3.06.3


References

XF - quickzip-extract-directory-traversal(27474)

VUPEN - ADV-2006-2599

BID - 18722

OSVDB - 26908

SECUNIA - 20864


Last Updated: 27 May 2016 10:42:58