CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1027

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1140%
EPSS Percentile33.82th
PublishedMar 1, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

Affected Platforms (CPE)

πŸ“¦
Arjsoftware

Unarj

= 2.62
πŸ“¦
Arjsoftware

Unarj

= 2.63
πŸ“¦
Arjsoftware

Unarj

= 2.64
πŸ“¦
Arjsoftware

Unarj

= 2.65
πŸ’»
Gentoo

Linux

All versions
πŸ’»
Debian

Debian Linux

= 3.0

References & Advisories

πŸ”— http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027348.html
πŸ”— http://lwn.net/Articles/121827/
πŸ”— http://security.gentoo.org/glsa/glsa-200411-29.xml
πŸ”— http://www.debian.org/security/2005/dsa-628
πŸ”— http://www.debian.org/security/2005/dsa-652
πŸ”— http://www.redhat.com/support/errata/RHSA-2005-007.html
πŸ”— http://www.securityfocus.com/bid/11436
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/17684

Related Vulnerabilities

CVE-2004-094710.0

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long f...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...

CVE-2004-106710.0

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may al...