ALT Linux Team

Package arj update in p10 on 2022-10-27

ALT-PU-2022-2941-1

Package arj updated to version 3.10.22-alt9 for branch p10 in task 308983.

Closed vulnerabilities

Published: 2015-04-08
Modified: 2024-11-21

CVE-2015-0556

Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.

Severity: MEDIUM (5.8)
References:
Published: 2015-04-08
Modified: 2024-11-21

CVE-2015-0557

Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.

Severity: MEDIUM (5.8)
References:
Published: 2015-04-08
Modified: 2024-11-21

CVE-2015-2782

Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.

Severity: HIGH (7.5)
References:

Closed bugs

Bug #44143

Зависает при создании архивов

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top