CVE-2004-1027

https://notcve.org/view.php?id=CVE-2004-1027

16 Nov 2004 — Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027348.html •