CVE-2007-4829 Information

Feb 14, 2021 cve

Description

Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ..\ sequences.

Reference

http://osvdb.org/40410 http://rt.cpan.org/Public/Bug/Display.html?id=29517 http://rt.cpan.org/Public/Bug/Display.html?id=30380 http://secunia.com/advisories/27539 http://secunia.com/advisories/33116 http://secunia.com/advisories/33314 http://www.gentoo.org/security/en/glsa/glsa-200812-10.xml http://www.securityfocus.com/bid/26355 http://www.ubuntu.com/usn/usn-700-1 http://www.ubuntu.com/usn/usn-700-2 http://www.vupen.com/english/advisories/2007/3755 https://bugzilla.redhat.com/show_bug.cgi?id=295021 https://exchange.xforce.ibmcloud.com/vulnerabilities/38285 https://issues.rpath.com/browse/RPL-1716 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11658

Share on: