Download
| Alert*
|
oval:org.secpod.oval:def:504763
File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fix: * file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive * file-roller: directory traversal via directory symlink pointing outside of the ... oval:org.secpod.oval:def:89050438 This update for file-roller fixes the following issues: - CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file"s parent is an external symlink . - CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a file durin ... oval:org.secpod.oval:def:604548 It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user is dragging a ... oval:org.secpod.oval:def:705221 file-roller: archive manager for GNOME File Roller could be made to overwrite sensitive files if it received a specially crafted TAR file. oval:org.secpod.oval:def:2105357 An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction. oval:org.secpod.oval:def:58887 file-roller: archive manager for GNOME File Roller could be made to overwrite sensitive files if it received a specially crafted TAR file. oval:org.secpod.oval:def:58854 It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user is dragging a ... oval:org.secpod.oval:def:89000310 This update for file-roller fixes the following issues: - CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a file during extraction . oval:org.secpod.oval:def:2500060 File Roller is an application for creating and viewing archives files, such as tar or zip files. oval:org.secpod.oval:def:68011 File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fix: * file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive * file-roller: directory traversal via directory symlink pointing outside of the ... oval:org.secpod.oval:def:1504324 [3.28.1-3] - Fix CVE-2020-11736 - Fix CVE-2019-16680 |
