CVE-2003-0282

EPSS 21.1%

unzip - directory traversal

Published: 6/16/2003Modified: 4/28/2026

Description

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.

Affected packages (2)

Debian/unzipfrom 0, < 5.50-3
Debian/unzipfrom 0, < 5.50-1woody2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2003-0282