Back to search
CVE-2001-1270
Published: May 3, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20010712 SECURITY.NNOV: directory traversal and path globing in multiple archivers
mailing-list
x_refsource_BUGTRAQ
http://www.security.nnov.ru/advisories/archdt.asp
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now