Download
| Alert*
|
oval:org.secpod.oval:def:2000220
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as "Zip-Slip". oval:org.secpod.oval:def:114945 QuaZIP is a simple C++ wrapper over Gilles Vollant's ZIP/UNZIP package that can be used to access ZIP archives. It uses Trolltech's Qt toolkit. QuaZIP allows you to access files inside ZIP archives using QIODevice API, and - yes! - that means that you can also use QTextStream, QDataStream or ... oval:org.secpod.oval:def:1900853 QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as "Zip-Slip". oval:org.secpod.oval:def:114991 QuaZIP is a simple C++ wrapper over Gilles Vollant's ZIP/UNZIP package that can be used to access ZIP archives. It uses Trolltech's Qt toolkit. QuaZIP allows you to access files inside ZIP archives using QIODevice API, and - yes! - that means that you can also use QTextStream, QDataStream or ... |
