CVE-2003-0282 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2003-0282
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-0282

Description: Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/12004 TURBO http://www.turbolinux.com/security/TLSA-2003-42.txt SCO REDHAT http://www.redhat.com/support/errata/RHSA-2003-200.html http://www.redhat.com/support/errata/RHSA-2003-199.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:619 MANDRAKE http://www.mandriva.com/security/advisories?name=MDKSA-2003:073 IMMUNIX http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-017-01 DEBIAN http://www.debian.org/security/2003/dsa-344 CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000672 CIAC http://www.ciac.org/ciac/bulletins/n-111.shtml CALDERA BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=105786446329347&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=105259038503175&w=2 BID 7550

Return to the previous page.