CVE-2014-9983
MEDIUM5.5EPSS 0.26%發布日:2017/6/4修改日:2026/4/28
也稱為:DEBIAN-CVE-2014-9983
描述
Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive.
受影響套件(1)
- Debian/rarfrom 0, < 2:5.3.b2-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.5 | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |