CVE-2003-0282

Name of the Vulnerable Software and Affected Versions UnZip version 5.50 tar-1.13.25

Description The issue concerns a directory traversal vulnerability in UnZip, allowing attackers to overwrite arbitrary files by exploiting invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. Additionally, there are multiple vulnerabilities in the tar package of Red Hat Linux that can lead to a breach of protected information integrity, and these can be exploited remotely.

Recommendations For UnZip version 5.50, consider restricting access to the vulnerable UnZip module to minimize the risk of exploitation until a patch is available. For tar-1.13.25, at the moment, there is no information about a newer version that contains a fix for this vulnerability.