cpe:/a:python_software_foundation:python CVE-2007-4559 2007-08-27T21:17:00.000-04:00 2011-03-07T21:58:46.970-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-08-28T12:07:00.000-04:00 ALLOWS_OTHER_ACCESS SECUNIA 26623 VUPEN ADV-2007-3022 MLIST [python-dev] 20070824 tarfile and directory traversal vulnerability MLIST [python-dev] 20070825 tarfile and directory traversal vulnerability CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=263261 Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.