NuytsTech Security

CVE-2015-2304

by ·

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

Date published : 2015-03-15

http://advisories.mageia.org/MGASA-2015-0106.html

https://github.com/libarchive/libarchive/commit/59357157706d47c365b2227739e17daba3607526

Tags: