GNOME file-roller up to 3.29.90 TAR Archive path traversal

Summaryinfo

A vulnerability was found in GNOME file-roller up to 3.29.90. It has been classified as critical. The impacted element is an unknown function. This manipulation with the input ./../ as part of TAR Archive causes path traversal. This vulnerability is registered as CVE-2019-16680. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

Detailsinfo

A vulnerability has been found in GNOME file-roller up to 3.29.90 and classified as critical. Affected by this vulnerability is an unknown code block. The manipulation with the input value ./../ leads to a path traversal vulnerability. The CWE definition for the vulnerability is CWE-22. The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.

The weakness was published 09/21/2019 (Website). The advisory is shared at seclists.org. This vulnerability is known as CVE-2019-16680 since 09/21/2019. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1006 for this issue.

The vulnerability scanner Nessus provides a plugin with the ID 239871 (TencentOS Server 3: file-roller (TSSA-2022:0077)), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 3.29.91 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (239871). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Vendor

• GNOME

Name

• file-roller

Version

• 3.29.0
• 3.29.1
• 3.29.2
• 3.29.3
• 3.29.4
• 3.29.5
• 3.29.6
• 3.29.7
• 3.29.8
• 3.29.9
• 3.29.10
• 3.29.11
• 3.29.12
• 3.29.13
• 3.29.14
• 3.29.15
• 3.29.16
• 3.29.17
• 3.29.18
• 3.29.19
• 3.29.20
• 3.29.21
• 3.29.22
• 3.29.23
• 3.29.24
• 3.29.25
• 3.29.26
• 3.29.27
• 3.29.28
• 3.29.29
• 3.29.30
• 3.29.31
• 3.29.32
• 3.29.33
• 3.29.34
• 3.29.35
• 3.29.36
• 3.29.37
• 3.29.38
• 3.29.39
• 3.29.40
• 3.29.41
• 3.29.42
• 3.29.43
• 3.29.44
• 3.29.45
• 3.29.46
• 3.29.47
• 3.29.48
• 3.29.49
• 3.29.50
• 3.29.51
• 3.29.52
• 3.29.53
• 3.29.54
• 3.29.55
• 3.29.56
• 3.29.57
• 3.29.58
• 3.29.59
• 3.29.60
• 3.29.61
• 3.29.62
• 3.29.63
• 3.29.64
• 3.29.65
• 3.29.66
• 3.29.67
• 3.29.68
• 3.29.69
• 3.29.70
• 3.29.71
• 3.29.72
• 3.29.73
• 3.29.74
• 3.29.75
• 3.29.76
• 3.29.77
• 3.29.78
• 3.29.79
• 3.29.80
• 3.29.81
• 3.29.82
• 3.29.83
• 3.29.84
• 3.29.85
• 3.29.86
• 3.29.87
• 3.29.88
• 3.29.89
• 3.29.90

License

• open-source

Website

• Vendor: https://www.gnome.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion