Vulnerabilities > CVE-2006-0926 - Remote Directory Traversal vulnerability in StuffIt and ZipMagic
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1) zip or (2) tar archive.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
References
- http://secunia.com/advisories/19010
- http://www.hamid.ir/security/stuffit.txt
- http://www.osvdb.org/23463
- http://www.securityfocus.com/archive/1/425972/100/0/threaded
- http://www.securityfocus.com/bid/16806
- http://www.vupen.com/english/advisories/2006/0732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24886