Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Unarj | Arjsoftware | 2.62 | 2.62 |
Unarj | Arjsoftware | 2.63 | 2.63 |
Unarj | Arjsoftware | 2.64 | 2.64 |
Unarj | Arjsoftware | 2.65 | 2.65 |