CyberSec.Space Logo
Back to CVE Browser

CVE-2016-7162

HIGH
7.5
CVSS Severity Score
EPSS Score0.1420%
EPSS Percentile31.37th
PublishedSep 26, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

Affected Platforms (CPE)

πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 16.04
πŸ“¦
File Roller Project

File Roller

= 3.5.4
πŸ“¦
File Roller Project

File Roller

= 3.6.0
πŸ“¦
File Roller Project

File Roller

= 3.6.1
πŸ“¦
File Roller Project

File Roller

= 3.6.1.1
πŸ“¦
File Roller Project

File Roller

= 3.6.2
πŸ“¦
File Roller Project

File Roller

= 3.6.3
πŸ“¦
File Roller Project

File Roller

= 3.6.4
πŸ“¦
File Roller Project

File Roller

= 3.8.0
πŸ“¦
File Roller Project

File Roller

= 3.8.1
πŸ“¦
File Roller Project

File Roller

= 3.8.2
πŸ“¦
File Roller Project

File Roller

= 3.8.3
πŸ“¦
File Roller Project

File Roller

= 3.9.0
πŸ“¦
File Roller Project

File Roller

= 3.9.1
πŸ“¦
File Roller Project

File Roller

= 3.9.2
πŸ“¦
File Roller Project

File Roller

= 3.9.3
πŸ“¦
File Roller Project

File Roller

= 3.10
πŸ“¦
File Roller Project

File Roller

= 3.15
πŸ“¦
File Roller Project

File Roller

= 3.20
πŸ“¦
File Roller Project

File Roller

= 3.20.1
πŸ“¦
File Roller Project

File Roller

= 3.20.2

References & Advisories

πŸ”— http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news
πŸ”— http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.21/file-roller-3.21.90.news
πŸ”— http://www.openwall.com/lists/oss-security/2016/09/08/4
πŸ”— http://www.securityfocus.com/bid/92896
πŸ”— http://www.ubuntu.com/usn/USN-3074-1
πŸ”— https://bugzilla.gnome.org/show_bug.cgi?id=698554
πŸ”— https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5
πŸ”— http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news

Related Vulnerabilities

CVE-2021-344239.8

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before ve...

CVE-2018-66349.8

A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maint...

CVE-2021-34938.8

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file cap...

CVE-2021-34928.8

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during cop...