VDB
GCVE-110-MAGEIA-2015-252
GCVE-110-MAGEIA-2015-252
Advisory Published
Alexander Cherepanov discovered that p7zip is susceptible to a directory
traversal vulnerability. While extracting an archive, it will extract
symlinks and then follow them if they are referenced in further entries.
This can be exploited by a rogue archive to write files outside the
current directory (CVE-2015-1038).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | p7zip | 0 (affected), 9.20.1-4.1.mga4 (unaffected) | — |
| Mageia | p7zip | 0 (affected), 9.20.1-6.1.mga5 (unaffected) | — |
Aliases
Transitive aliases
CVE-2016-2335CVE-2016-9296GHSA-mqw8-2gg2-v87mGSD-2016-9296GHSA-f24r-hqqw-w96vMSRC_CVE-2016-9296CNVD-2016-11272GHSA-62c7-f6mx-fmm8EUVD-2016-3418VVD-GENTOO-2016-582832GHSA-p2xg-m23c-2mm9VVD-MAGEIA-2016-202EUVD-2016-10107EUVD-2015-1182VVD-GENTOO-2015-536012EUVD-2016-3419BDU:2018-00022OPENSUSE-SU-2024:10322-1CVE-2016-2334
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.