CVE-2006-0931Path Traversal in Archive TAR

CWE-22Path Traversal4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
1.4%
top 19.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Pear Archive TARPear Archive TAR
Timeline
PublishedFeb 28
Latest updateMay 1

Description

Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Packagistpear/archive_tar1.21.3.2

🔴Vulnerability Details

3
OSV
PEAR::Archive_Tar Directory Traversal vulnerability2022-05-01
GHSA
PEAR::Archive_Tar Directory Traversal vulnerability2022-05-01
CVEList
CVE-2006-0931: Directory traversal vulnerability in PEAR::Archive_Tar 12006-02-28
CVE-2006-0931 — Path Traversal in Pear Archive TAR | cvebase