Phase:Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files via a .. (dot dot) in a (1) .rar, (2) .tar, (3) .jar, or (4) .gz file. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
ReferencesBID:18375 | URL:http://www.securityfocus.com/bid/18375 | FRSIRT:ADV-2006-2255 | URL:http://www.frsirt.com/english/advisories/2006/2255 | SECUNIA:20543 | URL:http://secunia.com/advisories/20543 | XF:filzip-archive-directory-traversa
Votes:Assigned (Monday, June 12, 2006)
Comments:None (candidate not yet proposed)
F7: