CVE-2001-1267 in tarinfo

Summary

Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Disclosure

07/12/2001

CPE

ready

CVSS

4.0

EPSS

0.00126

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2001-1267
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2001-1267
CVE Detailshttps://www.cvedetails.com/cve/CVE-2001-1267/

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!