CVE-2007-4134
Publication date 30 August 2007
Last updated 17 July 2025
Ubuntu priority
Description
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.