Page 3 of 13 results (0.017 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

ARC 5.21q allows directory traversal via a full pathname in an archive file. ARC 5.21q permite saltos de directorio mediante un nombre de ruta completo en un archivo. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00048.html https://bugs.debian.org/774527 https://bugzilla.redhat.com/show_bug.cgi?id=1179142 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945. • http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0535.html http://marc.info/?l=bugtraq&m=112689596714383&w=2 http://secunia.com/advisories/16805 http://secunia.com/advisories/17068 http://securityreason.com/securityalert/11 http://www.debian.org/security/2005/dsa-843 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

arc 5.21j and earlier create temporary files with world-readable permissions, which allows local users to read sensitive information from files created by (1) arc (arc.c) or (2) marc (marc.c). • http://marc.info/?l=bugtraq&m=112689596714383&w=2 http://secunia.com/advisories/16805 http://secunia.com/advisories/17068 http://www.debian.org/security/2005/dsa-843 http://www.zataz.net/adviso/arc-09052005.txt •