cpe:/a:archive%3a%3atar_project:archive%3a%3atar:1.36::~~~perl~~ cpe:/o:canonical:ubuntu_linux:6.06::~~lts~~~ cpe:/o:canonical:ubuntu_linux:7.10 cpe:/o:canonical:ubuntu_linux:8.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:8.10 CVE-2007-4829 2007-11-02T12:46:00.000-04:00 2018-08-08T09:48:56.327-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2018-08-06T13:12:58.533-04:00 ALLOWS_OTHER_ACCESS BID 26355 SECUNIA 27539 SECUNIA 33116 SECUNIA 33314 OSVDB 40410 VUPEN ADV-2007-3755 GENTOO GLSA-200812-10 UBUNTU USN-700-1 UBUNTU USN-700-2 MISC http://rt.cpan.org/Public/Bug/Display.html?id=29517 MISC http://rt.cpan.org/Public/Bug/Display.html?id=30380 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=295021 CONFIRM https://issues.rpath.com/browse/RPL-1716 XF perl-archivetar-directory-traversal(38285) Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.