CVE-2015-0552

Description

Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."

Affected packages (1)

• Debian/gcabfrom 0, < 0.4-2

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-0552