The File Roller archive manager for the GNOME desktop suffers from a path traversal vulnerability caused by insufficient path sanitization. A specially crafted archive file can be used to trigger creation of arbitrary files in any location, writable by the user executing the extraction, outside the current working directory. This behavior is triggered when the option 'Keep directory structure' is selected from the application 'Extract' dialog.
f6e7eec5337ffaec3b1e39f19c1e07cbe65ea4c169f65204d92f2634cdcc1947