Security Advisory

CVE-2007-4131

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-08-25 00:00:00

Last updated 2024-08-07 14:46:38

Assigner redhat

State PUBLISHED

Description

Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.

← Browse all CVEs View on cve.org ↗