Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4559


Vulnerability Score 6.8 6.8
CVE Id CVE-2007-4559
Last Modified 07 Mar 2011 09:58:46
Published 27 Aug 2007 09:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

Vulnerable Systems


  • Python Software Foundation Python


VUPEN - ADV-2007-3022

MLIST - [python-dev] 20070825 tarfile and directory traversal vulnerability

MLIST - [python-dev] 20070824 tarfile and directory traversal vulnerability


SECUNIA - 26623

Last Updated: 27 May 2016 10:45:54