PT-2006-7551 · Red Hat+3 · Red Hat+3
Jürgen Weigert
·
Published
1970-01-01
·
Updated
2017-10-11
·
CVE-2006-3619
CVSS v2.0
2.6
Low
| Vector | AV:N/AC:H/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Red Hat Enterprise Linux (affected versions not specified)
Debian GNU/Linux (affected versions not specified)
Gnu GCC versions 4.1.1 and earlier, and 3.4.6 and earlier
FastJar 0.93
Description
The issue is related to multiple vulnerabilities in various packages of Red Hat Enterprise Linux and Debian GNU/Linux operating systems, which can lead to disruption of confidentiality, integrity, and availability of protected information. Exploitation of these vulnerabilities can be carried out locally or remotely. A directory traversal vulnerability in FastJar 0.93, used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Fastjar
Gnu Gcc
Red Hat