CVE Vulnerabilities

CVE-2004-1027

Published: Mar 01, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

Affected Software

Name Vendor Start Version End Version
Unarj Arj_software_inc. 2.62 2.62
Unarj Arj_software_inc. 2.63_a 2.63_a
Unarj Arj_software_inc. 2.64 2.64
Unarj Arj_software_inc. 2.65 2.65
Red Hat Enterprise Linux 2.1 RedHat unarj *

References