CVE-2004-1027 : Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

Published 2005-03-01 05:00:00

Updated 2023-10-30 17:03:03

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversal

Exploit prediction scoring system (EPSS) score for CVE-2004-1027

Probability of exploitation activity in the next 30 days: 0.34%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 68 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-1027

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2004-1027

http://www.securityfocus.com/bid/11436

Patch;Third Party Advisory;VDB Entry;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17684

unarj file extraction directory traversal CVE-2004-1027 Vulnerability Report
VDB Entry
http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027348.html

[Full-Disclosure] Mailing List Charter
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200411-29.xml

unarj: Long filenames buffer overflow and a path traversal vulnerability (GLSA 200411-29) — Gentoo security
Third Party Advisory
http://www.debian.org/security/2005/dsa-652

Debian -- Security Information -- DSA-652-1 unarj
Third Party Advisory

CVEs referencing this url
http://lwn.net/Articles/121827/

Fedora-Legacy alert FLSA:2272 (unarj) [LWN.net]
Third Party Advisory

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2005-007.html

Support
Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2005/dsa-628

Debian -- Security Information -- DSA-628-1 imlib2
Third Party Advisory

CVEs referencing this url

Products affected by CVE-2004-1027

Debian » Debian Linux » Version: 3.0
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
Matching versions
Gentoo » Linux
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
Matching versions
Arjsoftware » Unarj » Version: 2.62
cpe:2.3:a:arjsoftware:unarj:2.62:*:*:*:*:*:*:*
Matching versions
Arjsoftware » Unarj » Version: 2.63 Update A
cpe:2.3:a:arjsoftware:unarj:2.63:a:*:*:*:*:*:*
Matching versions
Arjsoftware » Unarj » Version: 2.64
cpe:2.3:a:arjsoftware:unarj:2.64:*:*:*:*:*:*:*
Matching versions
Arjsoftware » Unarj » Version: 2.65
cpe:2.3:a:arjsoftware:unarj:2.65:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2004-1027

Exploit prediction scoring system (EPSS) score for CVE-2004-1027

CVSS scores for CVE-2004-1027

References for CVE-2004-1027

Products affected by CVE-2004-1027