Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Unzip |
Info-zip |
* |
5.42 (including) |
References