ARJ CVE-2015-0557 Directory Traversal Vulnerability

ARJ is prone to a directory-traversal vulnerability.

A remote attacker could exploit this issue using directory-traversal characters ('../') to access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive information and perform other attacks.

ARJ 3.10.22-10 and 3.10.22-12 are vulnerable.

NOTE: This issue was previously covered in BID 71860 (ARJ CVE-2015-0556 Directory Traversal Vulnerability) but has been given its own record for better documentation.


 

Privacy Statement
Copyright 2010, SecurityFocus