Vulnerabilities > CVE-2007-2058 - Directory Traversal vulnerability in Picozip 4.02

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

picozip

NVD

Published: 2007-04-18

Updated: 2017-07-29

Summary

Directory traversal vulnerability in Acubix PicoZip 4.02 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the file path in an (1) GZ, (2) TAR, (3) RAR, (4) JAR, or (5) ZIP archive.

Vulnerable Configurations

Part	Description	Count
Application	Picozip Picozip Picozip 4.02	1

References

http://secunia.com/advisories/24868
http://www.bugtraq.ir/articles/advisory/picozip_directory_traversal/9
http://www.securityfocus.com/bid/23471
http://www.vupen.com/english/advisories/2007/1377
https://exchange.xforce.ibmcloud.com/vulnerabilities/33639