CVE-2007-4131

Published: 25 August 2007

Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.

Priority

Unknown

Status

Package Release Status
tar
Launchpad, Ubuntu, Debian
Upstream Needs triage