[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2018-1002209 -- libquazip0-dev, libquazip-dev

ID: oval:org.secpod.oval:def:1900853Date: (C)2019-06-07   (M)2023-12-20
Class: VULNERABILITYFamily: unix




QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as "Zip-Slip".

Platform:
Ubuntu 16.04
Ubuntu 14.04
Ubuntu 18.04
Product:
libquazip0-dev
libquazip-dev
Reference:
CVE-2018-1002209
CVE    1
CVE-2018-1002209
CPE    5
cpe:/o:ubuntu:ubuntu_linux:16.04
cpe:/a:libquazip-dev:libquazip0-dev
cpe:/o:ubuntu:ubuntu_linux:18.04
cpe:/o:ubuntu:ubuntu_linux:14.04
...

© SecPod Technologies