CVE Vulnerabilities

CVE-2004-1027

Published: Mar 01, 2005 | Modified: Oct 30, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

Affected Software

Name Vendor Start Version End Version
Unarj Arjsoftware 2.62 2.62
Unarj Arjsoftware 2.63 2.63
Unarj Arjsoftware 2.64 2.64
Unarj Arjsoftware 2.65 2.65

References