CVE-2002-0399

Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:tar:1.13.25:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-10-10 04:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-0399

Mitre link : CVE-2002-0399

CVE.ORG link : CVE-2002-0399


JSON object : View

Products Affected

gnu

  • tar