CVE-2006-3326

Name of the Vulnerable Software and Affected Versions QuickZip version 3.06.3

Description A directory traversal issue allows remote user-assisted attackers to overwrite arbitrary files or directories via .. (dot dot) sequences in filenames within TAR, GZ, and JAR archives.

Recommendations For QuickZip version 3.06.3, consider restricting the handling of TAR, GZ, and JAR archives to prevent the exploitation of the directory traversal issue until a fix is available. Avoid using the .. (dot dot) sequence in filenames within these archives. At the moment, there is no information about a newer version that contains a fix for this vulnerability.