VDB
CVE-2018-0496
CVE-2018-0496
PUBLISHED
CVSS 6.400000095367432 MEDIUM
Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system.
EPSS 0.53% · 67.7th percentile
Risk Scores
CVSS 2.0
6.400000095367432
EPSS Score
0.53%
67.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | DFArc2 before 3.14 unknown | DFArc2 before 3.14 unknown |
| dinknetwork | dfarc2 | 0 |
| dinknetwork | dfarc | 0 |
| debian | debian_linux | 8.0 |
Timeline
- Jun 12, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://savannah.gnu.org/forum/forum.php?forum_id=9169 url
- https://git.savannah.gnu.org/cgit/freedink/dfarc.git/commit/?id=40cc957f52e772f45125126439ba9333cf2d2998 url
- [debian-lts-announce] 20190224 [SECURITY] [DLA 1686-1] freedink-dfarc security update mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2018-0496 advisory