PT-2007-1191 · Pentasoftware · Pentasuite-Pro+1

Published

2007-01-19

Updated

2017-07-20

CVE-2006-5963

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: PentaZip version 8.5.1.190 PentaSuite-PRO version 8.5.1.221

Description: A directory traversal issue allows user-assisted remote attackers to extract files to arbitrary pathnames by including a ../ (dot dot slash) in a filename.

Recommendations: For PentaZip version 8.5.1.190, update to a version that fixes this issue. For PentaSuite-PRO version 8.5.1.221, update to a version that fixes this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5963

Affected Products

Pentasuite-Pro

Pentazip

PT-2007-1191 · Pentasoftware · Pentasuite-Pro+1

CVE-2006-5963

Related Identifiers

Affected Products

References · 7