RubyGems minitar and archive-tar-minitar CVE-2016-10173 Local Directory Traversal Vulnerability

RubyGems minitar and archive-tar-minitar are prone to a local directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue using directory-traversal characters ('../') to access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive information and perform other attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus