Vulnerabilities > CVE-2001-1270 - Unspecified vulnerability in Pkware Pkzip 2.70/4.00

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
pkware

Summary

Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files.

Vulnerable Configurations

Part Description Count
Application
Pkware
3