PT-2006-1969 · Allume · Stuffit Expander+3

Publicado

2006-02-28

Atualizado

2018-10-18

CVE-2006-0926

CVSS v2.0

2.6

Baixa

Vetor

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Allume StuffIt Standard and Deluxe version 9.0 Allume ZipMagic Deluxe version 9.0 Allume StuffIt Expander version 9.0.0.21 Engine 9.0.0.21

Description The issue allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a zip or tar archive.

Recommendations For Allume StuffIt Standard and Deluxe version 9.0, update to a version that fixes the directory traversal vulnerabilities. For Allume ZipMagic Deluxe version 9.0, update to a version that fixes the directory traversal vulnerabilities. For Allume StuffIt Expander version 9.0.0.21 Engine 9.0.0.21, update to a version that fixes the directory traversal vulnerabilities.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-0926

Produtos afetados

Stuffit Deluxe

Stuffit Expander

Stuffit Standard

Zipmagic Deluxe

PT-2006-1969 · Allume · Stuffit Expander+3

CVE-2006-0926

Identificadores relacionados

Produtos afetados

Referências · 8