An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZIP archive extraction, because the full name of an archive file (even with a ../ sequence) is concatenated with the destination path.
References
Link | Resource |
---|---|
https://github.com/GitHubAssessments/CVE_Assessments_09_2019 | |
https://github.com/wixtoolset/issues/issues/6075 | Patch Third Party Advisory |
https://wixtoolset.org/development/wips/6075-dtf-zip-slip/ | Third Party Advisory |
https://www.firegiant.com/blog/2019/9/18/wix-v3.11.2-released/ | Patch Vendor Advisory |
Configurations
History
No history.
Information
Published : 2019-09-19 16:15
Updated : 2024-02-28 17:08
NVD link : CVE-2019-16511
Mitre link : CVE-2019-16511
CVE.ORG link : CVE-2019-16511
JSON object : View
Products Affected
firegiant
- wix_toolset
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')