MidnightBSD

Advisories for arjsoftware

CVE-2004-1027 MEDIUM

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
arjsoftware unarj 2.62
gentoo linux *
arjsoftware unarj 2.64
debian debian_linux 3.0
arjsoftware unarj 2.63
arjsoftware unarj 2.65