Vulnerabilities > CVE-2006-3178 - Unspecified vulnerability in JED Wing CHM LIB

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
jed-wing
nessus

Summary

Directory traversal vulnerability in extract_chmLib example program in CHM Lib (chmlib) before 0.38 allows remote attackers to overwrite arbitrary files via a CHM archive containing files with a .. (dot dot) in their filename.

Vulnerable Configurations

Part Description Count
Application
Jed_Wing
1

Nessus

NASL familyDebian Local Security Checks
NASL idDEBIAN_DSA-1144.NASL
descriptionIt was discovered that one of the utilities shipped with chmlib, a library for dealing with Microsoft CHM files, performs insufficient sanitising of filenames, which might lead to directory traversal.
last seen2020-06-01
modified2020-06-02
plugin id22686
published2006-10-14
reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/22686
titleDebian DSA-1144-1 : chmlib - missing input sanitising