Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a .. sequence.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Unzip | Info-zip | 5.50 (including) | 5.50 (including) |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * | |
| Red Hat Linux 9 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
| Unzip | Ubuntu | dapper | * |
| Unzip | Ubuntu | devel | * |
| Unzip | Ubuntu | edgy | * |
| Unzip | Ubuntu | feisty | * |