|
|
Subscribe / Log in / New account

fastjar: overwrite arbitrary files

Package(s):fastjar CVE #(s):CVE-2010-0831
Created:June 22, 2010 Updated:June 23, 2010
Description: From the Ubuntu advisory:

Dan Rosenberg discovered that fastjar incorrectly handled file paths containing ".." when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted jar file, arbitrary files could be overwritten with user privileges.

Alerts:
Mandriva MDVSA-2010:122 fastjar 2010-06-22
Ubuntu USN-953-1 fastjar 2010-06-21
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds