CVE-2005-2475
published 2005-08-05CVE-2005-2475: Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose…
low1.2CVSS 3.1
AVLACHAuNCPINAN
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | unzip | < unzip 5.52-4 (bookworm) | unzip 5.52-4 (bookworm) |
| info-zip | unzip | — | — |
| unzip_project | unzip | >= 0 < 5.52-4 | 5.52-4 |
| unzip_project | unzip | >= 0 < 5.52-4 | 5.52-4 |
| unzip_project | unzip | >= 0 < 5.52-4 | 5.52-4 |
| unzip_project | unzip | >= 0 < 5.52-4 | 5.52-4 |
CVSS provenance
nvd1.2LOWAV:L/AC:H/Au:N/C:P/I:N/A:N
osv1.2LOW