CVE-2015-0552

描述

Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."

受影響套件(1)

• Debian/gcabfrom 0, < 0.4-2

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-0552