Gentoo Linux Security Advisory 201612-15 - Multiple vulnerabilities have been found in ARJ, the worst of which may allow attackers to execute arbitrary code. Versions less than 3.10.22-r5 are affected.
93ed680b4b8f65b624060451139142724745ff36774c1addc0f775b16cc6ee38Mandriva Linux Security Advisory 2015-201 - Jakub Wilk discovered that arj follows symlinks created during unpacking of an arj archive. A remote attacker could use this flaw to perform a directory traversal attack if a user or automated system were tricked into processing a specially crafted arj archive. Jakub Wilk discovered that arj does not sufficiently protect from directory traversal while unpacking an arj archive containing file paths with multiple leading slashes. A remote attacker could use this flaw to write to arbitrary files if a user or automated system were tricked into processing a specially crafted arj archive. Jakub Wilk and Guillem Jover discovered a buffer overflow vulnerability in arj. A remote attacker could use this flaw to cause an application crash or, possibly, execute arbitrary code with the privileges of the user running arj. The updated packages provides a solution for these security issues.
53b2ec6d424cbe2e660af98dc2c29cd31a7612a9dff952a2ead56882ca345cdeDebian Linux Security Advisory 3213-1 - Multiple vulnerabilities have been discovered in arj, an open source version of the arj archiver.
7f8e93a398d961e10e08110b0546218adeb91474cde082dad6db5e68581db236
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed