VDB
CVE-2003-0282
CVE-2003-0282
PUBLISHED
CVSS 2.5999999046325684 LOW
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
EPSS 21.13% · 95.8th percentile
Risk Scores
CVSS 2.0
2.5999999046325684
EPSS Score
21.13%
95.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| info-zip | unzip | 5.50 |
| sco | openlinux_workstation | 3.1.1 |
| sco | openlinux_server | 3.1.1 |
Exploit Intelligence
- sionnx/cve-2003-0282 (github-poc)
- sionnx/cve-2003-0282 (github-poc)
- sionnx/cve-2003-0282 (github-poc)
- sionnx/cve-2003-0282 (github-poc)
- oval:org.mitre.oval:def:619 (circl)
- DSA-344 (circl)
- MDKSA-2003:073 (circl)
- TLSA-2003-42 (circl)
- 20030509 unzip directory traversal revisited (circl)
- N-111 (circl)
…and 9 more exploits
Timeline
- May 14, 2003 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- 20030509 unzip directory traversal revisited mailing-list
- CLA-2003:672 vendor-advisory
- unzip-dotdot-directory-traversal(12004) vdb
- http://www.info-zip.org/FAQ.html url
- RHSA-2003:199 vendor-advisory
- MDKSA-2003:073 vendor-advisory
- TLSA-2003-42 vendor-advisory
- oval:org.mitre.oval:def:619 vdb
- N-111 third-party-advisory
- CSSA-2003-031.0 vendor-advisory
- 7550 vdb
- 20030710 [OpenPKG-SA-2003.033] OpenPKG Security Advisory (infozip) mailing-list
- RHSA-2003:200 vendor-advisory
- IMNX-2003-7+-017-01 vendor-advisory
- DSA-344 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2003-0282 advisory