Search criteria
9 vulnerabilities found for arj_archiver by arj_software
FKIE_CVE-2015-2782
Vulnerability from fkie_nvd - Published: 2015-04-08 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| arj_software | arj_archiver | 3.10.22 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arj_software:arj_archiver:3.10.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D61A6B4B-8E9F-402A-B963-2236D2ADF057",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en el archivador de c\u00f3digo abierto ARJ 3.10.22 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo ARJ manipulado."
}
],
"id": "CVE-2015-2782",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-08T18:59:06.767",
"references": [
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"source": "security@debian.org",
"tags": [
"Technical Description"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/73413"
},
{
"source": "security@debian.org",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-15"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0557
Vulnerability from fkie_nvd - Published: 2015-04-08 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arj_software | arj_archiver | * | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arj_software:arj_archiver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10FB609E-F842-4F2B-BD6E-9D6CD1968E82",
"versionEndIncluding": "3.10.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive."
},
{
"lang": "es",
"value": "El archivador de c\u00f3digo abierto ARJ 3.10.22 no elimina correctamente barras oblicuas de inicio de las rutas, lo que permite a atacantes remotos realizar ataques del recorrido del directorio absoluto y escribir a ficheros arbitrarios a trav\u00e9s de m\u00faltiples barra oblicuas de inicio en una ruta en un archivo ARJ."
}
],
"id": "CVE-2015-0557",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-08T18:59:04.890",
"references": [
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/71895"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
},
{
"source": "security@debian.org",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-15"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0556
Vulnerability from fkie_nvd - Published: 2015-04-08 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arj_software | arj_archiver | * | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arj_software:arj_archiver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10FB609E-F842-4F2B-BD6E-9D6CD1968E82",
"versionEndIncluding": "3.10.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive."
},
{
"lang": "es",
"value": "El archivador de c\u00f3digo abierto ARJ 3.10.22 permite a atacantes remotos realizar ataques de salto de directorio a trav\u00e9s de un ataque de enlace simb\u00f3lico en un archivo ARJ."
}
],
"id": "CVE-2015-0556",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-08T18:59:03.797",
"references": [
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/71860"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
},
{
"source": "security@debian.org",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-15"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-0557 (GCVE-0-2015-0557)
Vulnerability from cvelistv5 – Published: 2015-04-08 18:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:11.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "71895",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71895"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "71895",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71895"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2015:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "71895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71895"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0557",
"datePublished": "2015-04-08T18:00:00",
"dateReserved": "2015-01-05T00:00:00",
"dateUpdated": "2024-08-06T04:10:11.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0556 (GCVE-0-2015-0556)
Vulnerability from cvelistv5 – Published: 2015-04-08 18:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:11.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "71860",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71860"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "71860",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71860"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2015:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "71860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71860"
},
{
"name": "DSA-3213",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0556",
"datePublished": "2015-04-08T18:00:00",
"dateReserved": "2015-01-05T00:00:00",
"dateUpdated": "2024-08-06T04:10:11.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2782 (GCVE-0-2015-2782)
Vulnerability from cvelistv5 – Published: 2015-04-08 18:00 – Updated: 2024-08-06 05:24
VLAI?
Summary
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:38.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"name": "[oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "73413",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73413"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "[oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"name": "[oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "73413",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73413"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-2782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"name": "[oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"name": "MDVSA-2015:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "GLSA-201612-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "73413",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73413"
},
{
"name": "FEDORA-2015-5524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-2782",
"datePublished": "2015-04-08T18:00:00",
"dateReserved": "2015-03-29T00:00:00",
"dateUpdated": "2024-08-06T05:24:38.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0557 (GCVE-0-2015-0557)
Vulnerability from nvd – Published: 2015-04-08 18:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:11.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "71895",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71895"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "71895",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71895"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2015:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "71895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71895"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774435"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0557",
"datePublished": "2015-04-08T18:00:00",
"dateReserved": "2015-01-05T00:00:00",
"dateUpdated": "2024-08-06T04:10:11.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0556 (GCVE-0-2015-0556)
Vulnerability from nvd – Published: 2015-04-08 18:00 – Updated: 2024-08-06 04:10
VLAI?
Summary
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:11.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "71860",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71860"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "71860",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71860"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2015:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "[oss-security] 20150105 Re: CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/05/9"
},
{
"name": "GLSA-201612-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "[oss-security] 20150103 CVE Request: arj: symlink directory traversal and directory traversal via //multiple/leading/slash",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/5"
},
{
"name": "FEDORA-2015-5524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "71860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71860"
},
{
"name": "DSA-3213",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774434"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0556",
"datePublished": "2015-04-08T18:00:00",
"dateReserved": "2015-01-05T00:00:00",
"dateUpdated": "2024-08-06T04:10:11.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2782 (GCVE-0-2015-2782)
Vulnerability from nvd – Published: 2015-04-08 18:00 – Updated: 2024-08-06 05:24
VLAI?
Summary
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:38.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"name": "[oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "73413",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73413"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "[oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"name": "[oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"name": "MDVSA-2015:201",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "GLSA-201612-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "73413",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73413"
},
{
"name": "FEDORA-2015-5524",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-2782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150328 CVE Request: arj: free on invalid pointer due to to buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/28/5"
},
{
"name": "[oss-security] 20150329 Re: CVE Request: arj: free on invalid pointer due to to buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/29/1"
},
{
"name": "MDVSA-2015:201",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:201"
},
{
"name": "FEDORA-2015-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154605.html"
},
{
"name": "GLSA-201612-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-15"
},
{
"name": "73413",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73413"
},
{
"name": "FEDORA-2015-5524",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155011.html"
},
{
"name": "DSA-3213",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3213"
},
{
"name": "FEDORA-2015-5603",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154518.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-2782",
"datePublished": "2015-04-08T18:00:00",
"dateReserved": "2015-03-29T00:00:00",
"dateUpdated": "2024-08-06T05:24:38.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}