CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-7162

HIGH
7.5
CVSS Severity Score
EPSS Score0.1420%
EPSS Percentile31.37th
Published2016年9月26日
Last Modified2026年5月6日

Vulnerability Description

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

Affected Platforms (CPE)

💻
Canonical

Ubuntu Linux

= 14.04
💻
Canonical

Ubuntu Linux

= 16.04
📦
File Roller Project

File Roller

= 3.5.4
📦
File Roller Project

File Roller

= 3.6.0
📦
File Roller Project

File Roller

= 3.6.1
📦
File Roller Project

File Roller

= 3.6.1.1
📦
File Roller Project

File Roller

= 3.6.2
📦
File Roller Project

File Roller

= 3.6.3
📦
File Roller Project

File Roller

= 3.6.4
📦
File Roller Project

File Roller

= 3.8.0
📦
File Roller Project

File Roller

= 3.8.1
📦
File Roller Project

File Roller

= 3.8.2
📦
File Roller Project

File Roller

= 3.8.3
📦
File Roller Project

File Roller

= 3.9.0
📦
File Roller Project

File Roller

= 3.9.1
📦
File Roller Project

File Roller

= 3.9.2
📦
File Roller Project

File Roller

= 3.9.3
📦
File Roller Project

File Roller

= 3.10
📦
File Roller Project

File Roller

= 3.15
📦
File Roller Project

File Roller

= 3.20
📦
File Roller Project

File Roller

= 3.20.1
📦
File Roller Project

File Roller

= 3.20.2

References & Advisories

🔗 http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news
🔗 http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.21/file-roller-3.21.90.news
🔗 http://www.openwall.com/lists/oss-security/2016/09/08/4
🔗 http://www.securityfocus.com/bid/92896
🔗 http://www.ubuntu.com/usn/USN-3074-1
🔗 https://bugzilla.gnome.org/show_bug.cgi?id=698554
🔗 https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5
🔗 http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news

相关漏洞威胁

CVE-2021-344239.8

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before ve...

CVE-2018-66349.8

A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maint...

CVE-2021-34938.8

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file cap...

CVE-2021-34928.8

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during cop...